ponta-money.work Open in urlscan Pro
103.3.2.32 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.ponta-money.work/
Effective URL:
https://ponta-money.work/
Submission: On August 21 via automatic, source certstream-suspicious (August 21st 2021, 7:14:38 am UTC)

Summary HTTP 130 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 29 IPs in 3 countries across 18 domains to perform 130 HTTP transactions. The main IP is 103.3.2.32, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is ponta-money.work.
TLS certificate: Issued by R3 on June 21st 2021. Valid for: 3 months.

This is the only time ponta-money.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	103.3.2.32 103.3.2.32	131965 (XSERVER X...) (XSERVER Xserver Inc.)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
8	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
6	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	183.181.84.135 183.181.84.135	2519 (VECTANT A...) (VECTANT ARTERIA Networks Corporation)
1	183.181.84.69 183.181.84.69	2519 (VECTANT A...) (VECTANT ARTERIA Networks Corporation)
1	2.18.234.65 2.18.234.65	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
36	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4 5	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
130	29

22 103.3.2.32 (Japan) 1 redirects

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv12031.xserver.jp

www.ponta-money.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ponta-money.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.181.84.135 (Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
PTR: sv8614.xserver.jp

cocablog.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.181.84.69 (Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
PTR: sv8548.xserver.jp

zubosiba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-65.deploy.static.akamaitechnologies.com

cdn.blog.st-hatena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.8 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	493 KB
22	ponta-money.work 1 redirects www.ponta-money.work ponta-money.work	2 MB
18	doubleclick.net googleads.g.doubleclick.net	162 KB
9	google.com 4 redirects adservice.google.com www.google.com	1 KB
8	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	165 KB
7	googleapis.com ajax.googleapis.com fonts.googleapis.com	123 KB
6	gstatic.com fonts.gstatic.com	197 KB
5	googletagservices.com www.googletagservices.com	177 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	google.de adservice.google.de	975 B
2	jsdelivr.net cdn.jsdelivr.net	7 KB
1	st-hatena.com cdn.blog.st-hatena.com	250 KB
1	zubosiba.com zubosiba.com	36 KB
1	cocablog.site cocablog.site	133 KB
1	wp.com i2.wp.com	13 KB
1	googleadservices.com partner.googleadservices.com	661 B
1	googletagmanager.com www.googletagmanager.com	40 KB
1	cloudflare.com cdnjs.cloudflare.com	3 KB
130	18

	Domain	Requested by
36	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
21	ponta-money.work	ponta-money.work
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	pagead2.googlesyndication.com	ponta-money.work pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	www.google.com	4 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
6	fonts.gstatic.com	fonts.googleapis.com
6	fonts.googleapis.com	googleads.g.doubleclick.net
6	platform.twitter.com	ponta-money.work platform.twitter.com
5	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.google-analytics.com	cdn.jsdelivr.net www.googletagmanager.com www.google-analytics.com
2	syndication.twitter.com	1 redirects platform.twitter.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	cdn.jsdelivr.net	ponta-money.work
1	cdn.blog.st-hatena.com	ponta-money.work
1	zubosiba.com	ponta-money.work
1	cocablog.site	ponta-money.work
1	i2.wp.com	ponta-money.work
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	ponta-money.work
1	cdnjs.cloudflare.com	ponta-money.work
1	ajax.googleapis.com	ponta-money.work
1	www.ponta-money.work	1 redirects
130	23

This site contains links to these domains. Also see Links.

Domain
twitter.com
b.hatena.ne.jp
snowballstocks.com
cocablog.site
zubosiba.com
www.bakademodekiru.com

Subject Issuer	Validity	Valid
www.ponta-money.work R3	`2021-06-21` - `2021-09-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
www.cocablog.site R3	`2021-06-28` - `2021-09-26`	3 months	crt.sh
www.zubosiba.com R3	`2021-08-11` - `2021-11-09`	3 months	crt.sh
cdn-ak.b.st-hatena.com GeoTrust RSA CA 2018	`2020-11-24` - `2021-11-28`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://ponta-money.work/
Frame ID: 90695EAB265D9990AA5C1F0354709C2A
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html
Frame ID: 97D8FB7141C8DE786C3354A186C2C68A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&adk=1812271804&adf=3025194257&lmt=1629494175&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fponta-money.work%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530058811&bpp=211&bdt=63&idt=211&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2372059047349&frm=20&pv=2&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=307
Frame ID: C20725B017AC4B92D11DE76B9A0EA58B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fponta-money.work
Frame ID: 3A6C9E00A3C1821CECD7F178231A75C9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=280&adk=1549541974&adf=789705359&pi=t.aa~a.4263631882~rp.3&w=336&fwrn=4&fwrnh=100&lmt=1629494175&rafmt=1&to=qs&pwprc=6176317352&psa=0&format=336x280&url=https%3A%2F%2Fponta-money.work%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=753&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0&nras=2&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=unwji9Wwcs&p=https%3A//ponta-money.work&dtd=10
Frame ID: BC0CE8BBA5D61C9F8920084DA037913B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280&nras=3&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3OsgDv3Fov&p=https%3A//ponta-money.work&dtd=22
Frame ID: F5615094E87BACCA3447DEC96B40CB75
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=eprOVwQg4Q&p=https%3A//ponta-money.work&dtd=25
Frame ID: 94B646790188BA9476593D8473A11ED3
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=753&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=1YHSUF04mp&p=https%3A//ponta-money.work&dtd=27
Frame ID: 8F9459A8A120102249091A8DB0A379B6
Requests: 14 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.f88235f49a156f8b4cab34c7bc1a0acc.ja.html
Frame ID: 07577C60A79A9E95625C54E1418AB767
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.f88235f49a156f8b4cab34c7bc1a0acc.ja.html
Frame ID: BFEC6A9DE2A0C05D8BE038F46E820725
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 489B6C9241FF5A95000F42DDDD831DF8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/index.html
Frame ID: 99659DC2C3EAE1E0B1EB14021B33E277
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 9539CDC226EBC9028621D3EB8F894E1A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C5B8A24A5F6A60873E53FFE008FC5E2A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 76D897177220ABF907CAE2C20662E45A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D64D5BD9F8C68DF04055FAE1728D48C3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js
Frame ID: F514E7736D22B91E7F80326B7FFDDD37
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js
Frame ID: 163A0E8EFB22A7140C01F603A883EEAD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js
Frame ID: 8155046DD9EECBAEAFE142DEAB22E681
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 7A0E9A14673ABBCFAAD9BF610739E6F2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 19CA117812467F7DFA434F107F4CD5D7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

初心者が始めるアメリカ株式投資

Page URL History Show full URLs

https://www.ponta-money.work/ HTTP 301
https://ponta-money.work/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

130
Requests

100 %
HTTPS

75 %
IPv6

18
Domains

23
Subdomains

29
IPs

3
Countries

4173 kB
Transfer

6585 kB
Size

2
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/intent/tweet?text=%E5%88%9D%E5%BF%83%E8%80%85%E3%81%8C%E5%A7%8B%E3%82%81%E3%82%8B%E3%82%A2%E3%83%A1%E3%83%AA%E3%82%AB%E6%A0%AA%E5%BC%8F%E6%8A%95%E8%B3%87&url=https%3A%2F%2Fponta-money.work
Title: Twitter

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/entry/s/ponta-money.work
Title: はてブ

Search URL Search Domain Scan URL

URL: https://twitter.com/ponta_money

Search URL Search Domain Scan URL

URL: https://snowballstocks.com/
Title: Snowball〜20代からの米国株積立投資〜

Search URL Search Domain Scan URL

URL: https://cocablog.site/
Title: ヒヨッコ投資家こかの投資ブログ

Search URL Search Domain Scan URL

URL: https://zubosiba.com/
Title: 柴犬の米国株

Search URL Search Domain Scan URL

URL: https://www.bakademodekiru.com/
Title: 馬鹿の馬鹿による馬鹿の為の株式投資

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.ponta-money.work/ HTTP 301
https://ponta-money.work/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 120

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 121

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 122

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 123

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

130 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ponta-money.work/
Redirect Chain

https://www.ponta-money.work/
https://ponta-money.work/

428 KB
82 KB

762ms
513ms

Document
text/html

103.3.2.32
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://ponta-money.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12031.xserver.jp
Software: nginx /
Resource Hash: fb1f6524f7e0e23f05465015933809b3761dfb0e1df4b568074c0b4275084701

Request headers

:method: GET
:authority: ponta-money.work
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Sat, 21 Aug 2021 07:14:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding
last-modified: Fri, 20 Aug 2021 21:16:15 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
expires: Mon, 29 Oct 1923 20:30:00 GMT
pragma: no-cache
content-encoding: gzip

Redirect headers

server: nginx
date: Sat, 21 Aug 2021 07:14:17 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://ponta-money.work/
x-redirect-by: WordPress
cache-control: max-age=1
expires: Sat, 21 Aug 2021 07:14:18 GMT
vary: Accept-Encoding

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ponta-money.work
URL: https://ponta-money.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66c47e95e2ac18d9e71b1eeb1664d31499133817fa93ea09cde1c228eb13a137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49909
x-xss-protection: 0
server: cafe
etag: 7723420151934129076
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 21 Aug 2021 07:14:18 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js?ver=3.3.1

Requested by

Host: ponta-money.work
URL: https://ponta-money.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 23:42:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Aug 2022 23:42:52 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.1/ 11 KB
3 KB 12ms
11ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.1/jquery-migrate.min.js?ver=3.0.1

Requested by

Host: ponta-money.work
URL: https://ponta-money.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1743b54e611ae08f0ddb89d8d1bc9ae7d78feacbd672c86a5f5bb3c1a582e05e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6260612
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3054
cf-request-id: 0a93ff2af80000bf0fd31a2000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-2c9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnurg%2Fm783lqQDcQXRnoDdNvpC66kY5S06c2wjxu8R5f5iGLLFVm2kovWc7lK0HLC2AsE2mKfVpKm2DV0P9TWhzZQ%2Fw0972OzntiZAkG6EnV00PAZH4LrgnY9YRIqtJbrUwJON1w1Jqq2QABbPuqWt4u"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 682210533b242b89-FRA
expires: Thu, 11 Aug 2022 07:14:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-198018087-1

Requested by

Host: ponta-money.work
URL: https://ponta-money.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d85aa7b9b7daeb7c8ac3493886175d4b159316fadb993ec6942ea295248d15af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41007
x-xss-protection: 0
last-modified: Sat, 21 Aug 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 21 Aug 2021 07:14:18 GMT

GET
H2 200 ga-lite.min.js Show response
cdn.jsdelivr.net/npm/ga-lite@2/dist/ 8 KB
3 KB 18ms
6ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/ga-lite@2/dist/ga-lite.min.js

Requested by

Host: ponta-money.work
URL: https://ponta-money.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5a858d60bf50b0108d2dcfe8351f694c425d811615e2588e659030050693eb50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 26145
x-jsd-version: 2.1.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3039
etag: W/"1ffd-OrRxGSclknOmiO/RKOPBOJcE4A4"
x-served-by: cache-fra19122-FRA
x-jsd-version-type: version
date: Sat, 21 Aug 2021 07:14:18 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/ 252 KB
93 KB 47ms
33ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9862775704499057&plah=ponta-money.work

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5b3b78060934b27d88d694a3f65e5847097f62d5ffc862ae98e5ce482f74da7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95446
x-xss-protection: 0
server: cafe
etag: 16230733116024533272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 21 Aug 2021 07:14:18 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/ Frame 97D8 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210812/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ponta-money.work/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ponta-money.work/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 20 Aug 2021 20:11:15 GMT
expires: Fri, 03 Sep 2021 20:11:15 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 39783
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect
www.google-analytics.com/ 35 B
242 B 15ms
15ms Ping
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect?v=1&ul=en-us&de=UTF-8&dl=https%3A%2F%2Fponta-money.work%2F&dt=%E5%88%9D%E5%BF%83%E8%80%85%E3%81%8C%E5%A7%8B%E3%82%81%E3%82%8B%E3%82%A2%E3%83%A1%E3%83%AA%E3%82%AB%E6%A0%AA%E5%BC%8F%E6%8A%95%E8%B3%87&sd=24-bit&sr=1600x1200&vp=1600x1200&dr=&t=pageview&cid=0.6174449145261067.0.1741825488265536&tid=UA-136298942-1&z=1629530058821

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/ga-lite@2/dist/ga-lite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:14:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://ponta-money.work
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-198018087-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 37
date: Sat, 21 Aug 2021 07:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Sat, 21 Aug 2021 09:13:41 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 27ms
12ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=941893096&t=pageview&_s=1&dl=https%3A%2F%2Fponta-money.work%2F&ul=en-us&de=UTF-8&dt=%E5%88%9D%E5%BF%83%E8%80%85%E3%81%8C%E5%A7%8B%E3%82%81%E3%82%8B%E3%82%A2%E3%83%A1%E3%83%AA%E3%82%AB%E6%A0%AA%E5%BC%8F%E6%8A%95%E8%B3%87&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=1555968154&gjid=1033399218&cid=1773199992.1629530059&tid=UA-198018087-1&_gid=630401307.1629530059&_r=1&gtm=2ou8i0&did=dZTNiMT&z=180550772

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:14:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ponta-money.work
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 icomoon.woff
ponta-money.work/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/ 12 KB
12 KB 269ms
268ms Font
application/x-font-woff 103.3.2.32
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://ponta-money.work/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.woff?3o5bkh
Requested by: Host: ponta-money.work
URL: https://ponta-money.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12031.xserver.jp
Software: nginx /
Resource Hash: e08f64e5c56e8de6a33a9b7654c38fdf9465db358d3d1174b32d652bbfdd4d30

Request headers

sec-fetch-mode: cors
origin: https://ponta-money.work
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga=GA1.2.1773199992.1629530059; _gid=GA1.2.630401307.1629530059; _gat_gtag_UA_198018087_1=1
:path: /wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.woff?3o5bkh
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ponta-money.work
referer: https://ponta-money.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://ponta-money.work
Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:19 GMT
last-modified: Thu, 12 Aug 2021 14:21:04 GMT
server: nginx
content-type: application/x-font-woff
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 12580
expires: Sun, 21 Aug 2022 07:14:19 GMT

GET
H2 200 icomoon.ttf
ponta-money.work/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/ 12 KB
8 KB 269ms
268ms Font
application/x-font-ttf 103.3.2.32
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://ponta-money.work/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.ttf?3o5bkh
Requested by: Host: ponta-money.work
URL: https://ponta-money.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12031.xserver.jp
Software: nginx /
Resource Hash: aa8b2a449f4bd08d60d370bc75b02f2720022e93842a7118f74cec199975a195

Request headers

sec-fetch-mode: cors
origin: https://ponta-money.work
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga=GA1.2.1773199992.1629530059; _gid=GA1.2.630401307.1629530059; _gat_gtag_UA_198018087_1=1
:path: /wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.ttf?3o5bkh
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ponta-money.work
referer: https://ponta-money.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://ponta-money.work
Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:19 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 14:21:04 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding
content-type: application/x-font-ttf
cache-control: max-age=31536000, public
expires: Sun, 21 Aug 2022 07:14:19 GMT

GET
H2 200 fa-brands-400.woff2
ponta-money.work/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/ 75 KB
75 KB 510ms
509ms Font
application/x-font-woff2 103.3.2.32
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://ponta-money.work/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/fa-brands-400.woff2
Requested by: Host: ponta-money.work
URL: https://ponta-money.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12031.xserver.jp
Software: nginx /
Resource Hash: 5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Request headers

sec-fetch-mode: cors
origin: https://ponta-money.work
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga=GA1.2.1773199992.1629530059; _gid=GA1.2.630401307.1629530059; _gat_gtag_UA_198018087_1=1
:path: /wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/fa-brands-400.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ponta-money.work
referer: https://ponta-money.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://ponta-money.work
Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:19 GMT
last-modified: Thu, 12 Aug 2021 14:21:04 GMT
server: nginx
content-type: application/x-font-woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 76612
expires: Sun, 21 Aug 2022 07:14:19 GMT

GET
H2 200 fa-regular-400.woff2
ponta-money.work/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/ 13 KB
13 KB 268ms
267ms Font
application/x-font-woff2 103.3.2.32
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://ponta-money.work/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/fa-regular-400.woff2
Requested by: Host: ponta-money.work
URL: https://ponta-money.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12031.xserver.jp
Software: nginx /
Resource Hash: 6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65

Request headers

sec-fetch-mode: cors
origin: https://ponta-money.work
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga=GA1.2.1773199992.1629530059; _gid=GA1.2.630401307.1629530059; _gat_gtag_UA_198018087_1=1
:path: /wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/fa-regular-400.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ponta-money.work
referer: https://ponta-money.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://ponta-money.work
Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:19 GMT
last-modified: Thu, 12 Aug 2021 14:21:04 GMT
server: nginx
content-type: application/x-font-woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 13584
expires: Sun, 21 Aug 2022 07:14:19 GMT

GET
H2 200 fa-solid-900.woff2
ponta-money.work/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/ 78 KB
78 KB 269ms
268ms Font
application/x-font-woff2 103.3.2.32
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://ponta-money.work/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/fa-solid-900.woff2
Requested by: Host: ponta-money.work
URL: https://ponta-money.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12031.xserver.jp
Software: nginx /
Resource Hash: 7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

sec-fetch-mode: cors
origin: https://ponta-money.work
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga=GA1.2.1773199992.1629530059; _gid=GA1.2.630401307.1629530059; _gat_gtag_UA_198018087_1=1
:path: /wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/fa-solid-900.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ponta-money.work
referer: https://ponta-money.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://ponta-money.work
Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:19 GMT
last-modified: Thu, 12 Aug 2021 14:21:04 GMT
server: nginx
content-type: application/x-font-woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 79444
expires: Sun, 21 Aug 2022 07:14:19 GMT

GET
H2 200 header2.png
ponta-money.work/wp-content/uploads/2020/07/ 58 KB
58 KB 498ms
498ms Image
image/png 103.3.2.32
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ponta-money.work/wp-content/uploads/2020/07/header2.png
Requested by: Host: ponta-money.work
URL: https://ponta-money.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12031.xserver.jp
Software: nginx /
Resource Hash: 7c47876d0ea888f37089a5b2ce560adb8347b58f0627383874313e1a514194c4

Request headers

:path: /wp-content/uploads/2020/07/header2.png
pragma: no-cache
cookie: _ga=GA1.2.1773199992.1629530059; _gid=GA1.2.630401307.1629530059; _gat_gtag_UA_198018087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ponta-money.work
referer: https://ponta-money.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:19 GMT
last-modified: Sun, 12 Jul 2020 13:34:23 GMT
server: nginx
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 59613
expires: Sun, 21 Aug 2022 07:14:19 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 27ms
26ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=191&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20Only%20one%20%27enable_page_level_ads%27%20allowed%20per%20page.%0Aat%20An%20(https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%3A220%3A326)%0Aat%20zn%20(adsbygoogle.js%3A219%3A631)%0Aat%20Gn%20(adsbygoogle.js%3A226%3A365)%0Aat%20c%20(adsbygoogle.js%3A227%3A38)%0Aat%20adsbygoogle.js%3A67%3A146%0Aat%20oe.n.la%20(adsbygoogle.js%3A66%3A804)%0Aat%20adsbygoogle.js%3A67%3A121%0Aat%20adsbygoogle.js%3A37%3A479%0Aat%20MutationObserver.Hn.observe.childList%20(adsbygoogle.js%3A227%3A259)&shv=r20210812&mjsv=m202108190101&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C3106T&url=https%3A%2F%2Fponta-money.work%2F

Requested by

Host: ponta-money.work
URL: https://ponta-money.work/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:14:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
661 B 104ms
46ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ponta-money.work&callback=_gfp_s_&client=ca-pub-9862775704499057

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9862775704499057&plah=ponta-money.work

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

56441671998f6ad149c4fb0cac2c0af65b6f9c8d411873ad86c21c50985c4e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 37ms
17ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ponta-money.work

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:14:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 36ms
17ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ponta-money.work

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:14:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C207 22 KB
5 KB 356ms
354ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&adk=1812271804&adf=3025194257&lmt=1629494175&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fponta-money.work%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530058811&bpp=211&bdt=63&idt=211&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2372059047349&frm=20&pv=2&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=307

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

067403dc435e7c7b9d092c84676508f411d816ba987808da2f0e5717ba5e46dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862775704499057&output=html&adk=1812271804&adf=3025194257&lmt=1629494175&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fponta-money.work%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530058811&bpp=211&bdt=63&idt=211&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2372059047349&frm=20&pv=2&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=307
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ponta-money.work/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ponta-money.work/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 21 Aug 2021 07:14:19 GMT
server: cafe
content-length: 5178
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 21-Aug-2021 07:29:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 21 Aug 2021 07:14:19 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 42ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:19 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458978809797"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27677
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:14:19 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 27ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: ponta-money.work
URL: https://ponta-money.work/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BE) /
Resource Hash: 8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:14:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:34:57 GMT
Server: ECS (frb/67BE)
Age: 1386
Etag: "d405b816322f9770c70cbd10cfa87be4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28872

GET
H2 200 a2d8c4ac8cf3ee51d7810dc25fad79d7.jpg
i2.wp.com/snowballstocks.com/wp-content/uploads/2019/04/ 13 KB
13 KB 61ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/snowballstocks.com/wp-content/uploads/2019/04/a2d8c4ac8cf3ee51d7810dc25fad79d7.jpg?resize=400%2C300

Requested by

Host: ponta-money.work
URL: https://ponta-money.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

6743649c9f9a466a1d18445a11e0b85f6bb5cf958637f996af0ea5b755b716ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Sat, 21 Aug 2021 07:14:19 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Aug 2021 22:15:27 GMT
server: nginx
etag: "6f54699799d328dd"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://snowballstocks.com/wp-content/uploads/2019/04/a2d8c4ac8cf3ee51d7810dc25fad79d7.jpg>; rel="canonical"
content-length: 13352
expires: Mon, 21 Aug 2023 10:15:27 GMT

GET
H2 200 20190216icon%E3%81%AE%E3%82%B3%E3%83%94%E3%83%BC.png
cocablog.site/wp-content/uploads/ 133 KB
133 KB 1016ms
490ms Image
image/webp 183.181.84.135
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cocablog.site/wp-content/uploads/20190216icon%E3%81%AE%E3%82%B3%E3%83%94%E3%83%BC.png?resize=300%2C200
Requested by: Host: ponta-money.work
URL: https://ponta-money.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.84.135 , Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS: sv8614.xserver.jp
Software: nginx /
Resource Hash: 0f576e6da409208815ca5163836e92afddf8346797705a0902161ba840040116

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:19 GMT
last-modified: Mon, 12 Jul 2021 06:24:56 GMT
server: nginx
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=1
accept-ranges: bytes
content-length: 136210
expires: Sat, 21 Aug 2021 07:14:20 GMT

GET
H2 200 49133395-1.jpg
zubosiba.com/wp-content/uploads/2019/08/ 36 KB
36 KB 1298ms
498ms Image
image/jpeg 183.181.84.69
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zubosiba.com/wp-content/uploads/2019/08/49133395-1.jpg?resize=300%2C200
Requested by: Host: ponta-money.work
URL: https://ponta-money.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.84.69 , Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS: sv8548.xserver.jp
Software: nginx /
Resource Hash: 4127b48be4434fdef1643c23f88bf9d4f782500774773c4ec8a56d9e607e0b01

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:20 GMT
last-modified: Thu, 04 Jun 2020 09:15:02 GMT
server: nginx
etag: "8f5b-5a73e9457e065"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 36699
expires: Sat, 28 Aug 2021 07:14:20 GMT

GET
H/1.1 200
OK lane.gif
cdn.blog.st-hatena.com/css/theme/sushiyuki/images/ 249 KB
250 KB 112ms
39ms Image
image/gif 2.18.234.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.blog.st-hatena.com/css/theme/sushiyuki/images/lane.gif?version=1c3afeb7551424fae7c3d921fa3e8510004d33f6&env=production
Requested by: Host: ponta-money.work
URL: https://ponta-money.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-65.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 51c82a45def57f7d137067d508bdd79be096b85eda834315f5c4ebcca8fec3a7

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:14:19 GMT
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT
Server: nginx
ETag: "611a0bd9-3e5a1"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=193756
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 255393
Expires: Mon, 23 Aug 2021 13:03:35 GMT

GET
H2 200 avatar20190906213406.jpg
ponta-money.work/wp-content/uploads/2020/05/ 86 KB
86 KB 267ms
265ms Image
image/jpeg 103.3.2.32
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ponta-money.work/wp-content/uploads/2020/05/avatar20190906213406.jpg
Requested by: Host: ponta-money.work
URL: https://ponta-money.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12031.xserver.jp
Software: nginx /
Resource Hash: a33fad02887bffcc21ba25782e3472bbc8474c87b06b88aaf890333ec9804e0d

Request headers

:path: /wp-content/uploads/2020/05/avatar20190906213406.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ponta-money.work
referer: https://ponta-money.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:20 GMT
last-modified: Sun, 17 May 2020 00:30:49 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 88218
expires: Sun, 21 Aug 2022 07:14:20 GMT

GET
H2 200 clipboard.min.js Show response
cdn.jsdelivr.net/clipboard.js/1.5.13/ 10 KB
4 KB 6ms
6ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/clipboard.js/1.5.13/clipboard.min.js

Requested by

Host: ponta-money.work
URL: https://ponta-money.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fac02a96e87d9afaa0ccb933490c281386d6f3b3971e419c747fd6e1f5875e1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 4876728
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3469
etag: W/"29b8-SfrX8LNZaoGlcNmIEvoJIzsobb4"
x-served-by: cache-fra19122-FRA
date: Sat, 21 Aug 2021 07:14:19 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 casino_chip-640x360.png
ponta-money.work/wp-content/uploads/2021/08/ 228 KB
229 KB 280ms
279ms Image
image/png 103.3.2.32
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ponta-money.work/wp-content/uploads/2021/08/casino_chip-640x360.png
Requested by: Host: ponta-money.work
URL: https://ponta-money.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12031.xserver.jp
Software: nginx /
Resource Hash: e4507fb30c4deea59b3fc01f9b3fb358ce1df6e4cd40d1bf7ccfb56dc6e0f8d4

Request headers

:path: /wp-content/uploads/2021/08/casino_chip-640x360.png
pragma: no-cache
cookie: _ga=GA1.2.1773199992.1629530059; _gid=GA1.2.630401307.1629530059; _gat_gtag_UA_198018087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ponta-money.work
referer: https://ponta-money.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:19 GMT
last-modified: Fri, 20 Aug 2021 16:08:55 GMT
server: nginx
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 233569
expires: Sun, 21 Aug 2022 07:14:19 GMT

GET
H2 200 kiss_couple_man-640x360.png
ponta-money.work/wp-content/uploads/2021/08/ 206 KB
206 KB 280ms
279ms Image
image/png 103.3.2.32
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ponta-money.work/wp-content/uploads/2021/08/kiss_couple_man-640x360.png
Requested by: Host: ponta-money.work
URL: https://ponta-money.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12031.xserver.jp
Software: nginx /
Resource Hash: fa33a3232ddeca475245ee4e42762253f6bb3e5ffed8e634e4a696af91eee9e2

Request headers

:path: /wp-content/uploads/2021/08/kiss_couple_man-640x360.png
pragma: no-cache
cookie: _ga=GA1.2.1773199992.1629530059; _gid=GA1.2.630401307.1629530059; _gat_gtag_UA_198018087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ponta-money.work
referer: https://ponta-money.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:19 GMT
last-modified: Thu, 19 Aug 2021 14:42:57 GMT
server: nginx
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 210755
expires: Sun, 21 Aug 2022 07:14:19 GMT

GET
H2 200 922320dd-s.png
ponta-money.work/wp-content/uploads/2021/08/ 105 KB
105 KB 279ms
279ms Image
image/png 103.3.2.32
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ponta-money.work/wp-content/uploads/2021/08/922320dd-s.png
Requested by: Host: ponta-money.work
URL: https://ponta-money.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12031.xserver.jp
Software: nginx /
Resource Hash: 87867176efe3326b0bb4caca2ad02723286a18205090923f332930aa12c44342

Request headers

:path: /wp-content/uploads/2021/08/922320dd-s.png
pragma: no-cache
cookie: _ga=GA1.2.1773199992.1629530059; _gid=GA1.2.630401307.1629530059; _gat_gtag_UA_198018087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ponta-money.work
referer: https://ponta-money.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:19 GMT
last-modified: Wed, 18 Aug 2021 15:55:41 GMT
server: nginx
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 107372
expires: Sun, 21 Aug 2022 07:14:19 GMT

GET
H2 200 syouken_torihiki_man-640x360.png
ponta-money.work/wp-content/uploads/2021/08/ 258 KB
258 KB 280ms
279ms Image
image/png 103.3.2.32
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ponta-money.work/wp-content/uploads/2021/08/syouken_torihiki_man-640x360.png
Requested by: Host: ponta-money.work
URL: https://ponta-money.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12031.xserver.jp
Software: nginx /
Resource Hash: 5648ace9fd42b6d8bd1c74e31ffb0f9527826877457fe064790f048b37c07fce

Request headers

:path: /wp-content/uploads/2021/08/syouken_torihiki_man-640x360.png
pragma: no-cache
cookie: _ga=GA1.2.1773199992.1629530059; _gid=GA1.2.630401307.1629530059; _gat_gtag_UA_198018087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ponta-money.work
referer: https://ponta-money.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:19 GMT
last-modified: Tue, 17 Aug 2021 14:05:27 GMT
server: nginx
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 263722
expires: Sun, 21 Aug 2022 07:14:19 GMT

GET
H2 200 ishiki_takai-640x360.png
ponta-money.work/wp-content/uploads/2021/08/ 153 KB
154 KB 270ms
268ms Image
image/png 103.3.2.32
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ponta-money.work/wp-content/uploads/2021/08/ishiki_takai-640x360.png
Requested by: Host: ponta-money.work
URL: https://ponta-money.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12031.xserver.jp
Software: nginx /
Resource Hash: b09648bdaba00278effdb4cfee27d8d77102d3a93575a9718cee4fe7c204b57b

Request headers

:path: /wp-content/uploads/2021/08/ishiki_takai-640x360.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ponta-money.work
referer: https://ponta-money.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:20 GMT
last-modified: Mon, 16 Aug 2021 16:49:44 GMT
server: nginx
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 157050
expires: Sun, 21 Aug 2022 07:14:20 GMT

GET
H2 200 point_happy_woman-640x360.png
ponta-money.work/wp-content/uploads/2021/08/ 152 KB
152 KB 269ms
268ms Image
image/png 103.3.2.32
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ponta-money.work/wp-content/uploads/2021/08/point_happy_woman-640x360.png
Requested by: Host: ponta-money.work
URL: https://ponta-money.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12031.xserver.jp
Software: nginx /
Resource Hash: bf5af1b082cec0c615b9bb2a8dce56e5f7ea9ef14f2897845dd7519779c8c834

Request headers

:path: /wp-content/uploads/2021/08/point_happy_woman-640x360.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ponta-money.work
referer: https://ponta-money.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:20 GMT
last-modified: Sun, 15 Aug 2021 06:29:34 GMT
server: nginx
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 155346
expires: Sun, 21 Aug 2022 07:14:20 GMT

GET
H2 200 money_fuyouhin_man_uru-640x360.png
ponta-money.work/wp-content/uploads/2020/07/ 169 KB
169 KB 269ms
268ms Image
image/png 103.3.2.32
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ponta-money.work/wp-content/uploads/2020/07/money_fuyouhin_man_uru-640x360.png
Requested by: Host: ponta-money.work
URL: https://ponta-money.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12031.xserver.jp
Software: nginx /
Resource Hash: 41b2b8a681e4809974e473a14680715a99b7481fb6cec4120d8f799a8740a71b

Request headers

:path: /wp-content/uploads/2020/07/money_fuyouhin_man_uru-640x360.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ponta-money.work
referer: https://ponta-money.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:20 GMT
last-modified: Tue, 07 Jul 2020 13:48:37 GMT
server: nginx
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 172663
expires: Sun, 21 Aug 2022 07:14:20 GMT

GET
H2 200 takarakuji-640x360.png
ponta-money.work/wp-content/uploads/2021/08/ 187 KB
188 KB 273ms
271ms Image
image/png 103.3.2.32
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ponta-money.work/wp-content/uploads/2021/08/takarakuji-640x360.png
Requested by: Host: ponta-money.work
URL: https://ponta-money.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12031.xserver.jp
Software: nginx /
Resource Hash: 903425490c1b5e8b5fcb5527ccfaf91c4b01b9f17f4ce6319f6947a4d3929722

Request headers

:path: /wp-content/uploads/2021/08/takarakuji-640x360.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ponta-money.work
referer: https://ponta-money.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:20 GMT
last-modified: Fri, 13 Aug 2021 12:24:41 GMT
server: nginx
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 191740
expires: Sun, 21 Aug 2022 07:14:20 GMT

GET
H2 200 cry_boy-526x360.png
ponta-money.work/wp-content/uploads/2021/08/ 163 KB
164 KB 271ms
270ms Image
image/png 103.3.2.32
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ponta-money.work/wp-content/uploads/2021/08/cry_boy-526x360.png
Requested by: Host: ponta-money.work
URL: https://ponta-money.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12031.xserver.jp
Software: nginx /
Resource Hash: f05e46a34bf9cc6350fd9b37797b22cf7027ecaa3e06810b6a89f399867a117f

Request headers

:path: /wp-content/uploads/2021/08/cry_boy-526x360.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ponta-money.work
referer: https://ponta-money.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:20 GMT
last-modified: Thu, 12 Aug 2021 14:39:59 GMT
server: nginx
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 167358
expires: Sun, 21 Aug 2022 07:14:20 GMT

GET
H2 200 cool_japan-640x360.png
ponta-money.work/wp-content/uploads/2021/08/ 297 KB
298 KB 265ms
264ms Image
image/png 103.3.2.32
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ponta-money.work/wp-content/uploads/2021/08/cool_japan-640x360.png
Requested by: Host: ponta-money.work
URL: https://ponta-money.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12031.xserver.jp
Software: nginx /
Resource Hash: 9f5348f5011726b3040005ebe5b95a773d639d4bd9876c6e9c982204d009ab61

Request headers

:path: /wp-content/uploads/2021/08/cool_japan-640x360.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ponta-money.work
referer: https://ponta-money.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:20 GMT
last-modified: Wed, 11 Aug 2021 14:45:25 GMT
server: nginx
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 304521
expires: Sun, 21 Aug 2022 07:14:20 GMT

GET
H2 200 all.min.css
ponta-money.work/wp-content/themes/cocoon-master/webfonts/fontawesome5/css/ 57 KB
14 KB 722ms
721ms Stylesheet
text/css 103.3.2.32
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://ponta-money.work/wp-content/themes/cocoon-master/webfonts/fontawesome5/css/all.min.css
Requested by: Host: ponta-money.work
URL: https://ponta-money.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12031.xserver.jp
Software: nginx /
Resource Hash: 876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

Request headers

:path: /wp-content/themes/cocoon-master/webfonts/fontawesome5/css/all.min.css
pragma: no-cache
cookie: _ga=GA1.2.1773199992.1629530059; _gid=GA1.2.630401307.1629530059; _gat_gtag_UA_198018087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ponta-money.work
referer: https://ponta-money.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:19 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 14:21:03 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
expires: Sun, 21 Aug 2022 07:14:19 GMT

GET
H2 200 style.css
ponta-money.work/wp-content/themes/cocoon-master/webfonts/icomoon/ 3 KB
1 KB 722ms
722ms Stylesheet
text/css 103.3.2.32
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://ponta-money.work/wp-content/themes/cocoon-master/webfonts/icomoon/style.css
Requested by: Host: ponta-money.work
URL: https://ponta-money.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12031.xserver.jp
Software: nginx /
Resource Hash: cfcc038eafff1dd7ea8508b07b03b46f1c0cc60fb0d3eb624bc1126b2a613e20

Request headers

:path: /wp-content/themes/cocoon-master/webfonts/icomoon/style.css
pragma: no-cache
cookie: _ga=GA1.2.1773199992.1629530059; _gid=GA1.2.630401307.1629530059; _gat_gtag_UA_198018087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ponta-money.work
referer: https://ponta-money.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:19 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 14:21:04 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
expires: Sun, 21 Aug 2022 07:14:19 GMT

GET
H2 200 fontawesome5.css
ponta-money.work/wp-content/themes/cocoon-master/css/ 6 KB
1 KB 722ms
722ms Stylesheet
text/css 103.3.2.32
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://ponta-money.work/wp-content/themes/cocoon-master/css/fontawesome5.css
Requested by: Host: ponta-money.work
URL: https://ponta-money.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12031.xserver.jp
Software: nginx /
Resource Hash: b02dfd272ecdd8b4736df5fb3e0704e64453255f40aa230037857243585101a8

Request headers

:path: /wp-content/themes/cocoon-master/css/fontawesome5.css
pragma: no-cache
cookie: _ga=GA1.2.1773199992.1629530059; _gid=GA1.2.630401307.1629530059; _gat_gtag_UA_198018087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ponta-money.work
referer: https://ponta-money.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:19 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 14:21:03 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
expires: Sun, 21 Aug 2022 07:14:19 GMT

GET
H/1.1 200
OK widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html Show response
platform.twitter.com/widgets/ Frame 3A6C 319 KB
103 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fponta-money.work
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D5) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ponta-money.work/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ponta-money.work/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 214543
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 21 Aug 2021 07:14:19 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67D5)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 3A6C 232 B
432 B 180ms
129ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=beb48560f1699adb8d59b2a0e08900b53fe2c3c4

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fponta-money.work

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:19 GMT
content-encoding: gzip
last-modified: Sat, 21 Aug 2021 07:14:19 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: dd9c767bb46cfb8e85465d72650206e616619a08c8d9c65fbb221f59746c9d32
content-length: 166

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 27ms
26ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=4&wpc=ca-pub-9862775704499057&warn=12%2C13&w=1600&h=1200&eatf=false&reatf=false&a=6%2C1%2C5%2C7&apv=20210818_103643&sat=1629484371742&afm=0&as_count=0&d_count=0&ng_count=0&am_count=4&atf_count=0&mdns=0&alldns=0.238&allp=34&fd=(0%2C14%2C1)%2C(1%2C10%2C6)%2C(2%2C0%2C0)&pgh=3780&su=ponta-money.work&pvc=1228144145124997&r=0.1

Requested by

Host: ponta-money.work
URL: https://ponta-money.work/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:14:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 28ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ponta-money.work

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:14:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ponta-money.work

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:14:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BC0C 102 KB
36 KB 477ms
477ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=280&adk=1549541974&adf=789705359&pi=t.aa~a.4263631882~rp.3&w=336&fwrn=4&fwrnh=100&lmt=1629494175&rafmt=1&to=qs&pwprc=6176317352&psa=0&format=336x280&url=https%3A%2F%2Fponta-money.work%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=753&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0&nras=2&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=unwji9Wwcs&p=https%3A//ponta-money.work&dtd=10

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22ee390b26ecf4998aaec7c60cefca34e7729635fa259f102074c4cfcc18e3c7

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPmt5cLIwfICFRDAuwgdfzYGSQ&gqi=y6cgYZ3SH5iY3gPE4oWoAw&layout=/sadbundle/%24csp%253Der3%24/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862775704499057&output=html&h=280&adk=1549541974&adf=789705359&pi=t.aa~a.4263631882~rp.3&w=336&fwrn=4&fwrnh=100&lmt=1629494175&rafmt=1&to=qs&pwprc=6176317352&psa=0&format=336x280&url=https%3A%2F%2Fponta-money.work%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=753&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0&nras=2&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=unwji9Wwcs&p=https%3A//ponta-money.work&dtd=10
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ponta-money.work/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ponta-money.work/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPmt5cLIwfICFRDAuwgdfzYGSQ&gqi=y6cgYZ3SH5iY3gPE4oWoAw&layout=/sadbundle/%24csp%253Der3%24/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 21 Aug 2021 07:14:19 GMT
server: cafe
content-length: 36577
x-xss-protection: 0
set-cookie: IDE=AHWqTUnObWScx9o0np6pGs6J3YwbACKONMOyrrp4TvzFuKVCQ8omCg5n13ZAAqMkkOY; expires=Thu, 15-Sep-2022 07:14:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 21 Aug 2021 07:14:19 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F561 111 KB
39 KB 439ms
438ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280&nras=3&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3OsgDv3Fov&p=https%3A//ponta-money.work&dtd=22

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

789b15ca15e37b0858a53ed1afa01d4f6da3a8c7c21d61999ae5112d98eb0a9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280&nras=3&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3OsgDv3Fov&p=https%3A//ponta-money.work&dtd=22
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ponta-money.work/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ponta-money.work/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 21 Aug 2021 07:14:19 GMT
server: cafe
content-length: 40019
x-xss-protection: 0
set-cookie: IDE=AHWqTUmC17mggk_FmmM0IECAThCPXxK_BX2rjecG_ScS90pSZWL5aCxlkZpQmDxt-Xo; expires=Thu, 15-Sep-2022 07:14:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 21 Aug 2021 07:14:19 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 94B6 112 KB
39 KB 450ms
450ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=eprOVwQg4Q&p=https%3A//ponta-money.work&dtd=25

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f84772ceddcf73e446db792c2330a0acbc2140c38d26b64351445136e4f0de86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=eprOVwQg4Q&p=https%3A//ponta-money.work&dtd=25
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ponta-money.work/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ponta-money.work/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 21 Aug 2021 07:14:19 GMT
server: cafe
content-length: 39555
x-xss-protection: 0
set-cookie: IDE=AHWqTUllhcgmUljjbfyggOSppsZpvOMwZTbKt33C9KvPNttV1K2OVlTM7ZJd9QzOzVA; expires=Thu, 15-Sep-2022 07:14:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 21 Aug 2021 07:14:19 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8F94 108 KB
38 KB 419ms
419ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=753&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=1YHSUF04mp&p=https%3A//ponta-money.work&dtd=27

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c59951200b3f526131f8669cddd0205a176b1eb8f970aeeb3d3a48dbabba153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=753&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=1YHSUF04mp&p=https%3A//ponta-money.work&dtd=27
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ponta-money.work/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ponta-money.work/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 21 Aug 2021 07:14:19 GMT
server: cafe
content-length: 38615
x-xss-protection: 0
set-cookie: IDE=AHWqTUnvc0VzmuzgudoVDsD3oSu_5QbR1UXxWhmEoTB-gAY8dAtFSCsGXuSHHXijxeA; expires=Thu, 15-Sep-2022 07:14:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 21 Aug 2021 07:14:19 GMT
cache-control: private

GET
H/1.1 200
OK button.5d16ecc02fbaf599a24dfb57ab239320.js Show response
platform.twitter.com/js/ 7 KB
3 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.5d16ecc02fbaf599a24dfb57ab239320.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BE) /
Resource Hash: 3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:14:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:33:39 GMT
Server: ECS (frb/67BE)
Age: 214545
Etag: "6b95f5a9a2ff4b885e2eafdf446d70d0+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2296

GET
H/1.1 200
OK follow_button.f88235f49a156f8b4cab34c7bc1a0acc.ja.html Show response
platform.twitter.com/widgets/ Frame 0757 37 KB
14 KB 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.f88235f49a156f8b4cab34c7bc1a0acc.ja.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BE) /
Resource Hash: db472fb2602df1302e3037f408323a2526ef70c0912c0354309b57fe59d19297

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ponta-money.work/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ponta-money.work/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 214244
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 21 Aug 2021 07:14:19 GMT
Etag: "7bbedeb3f951490fe07215cd8ca17db6+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:43 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BE)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 14067

GET
H/1.1 200
OK follow_button.f88235f49a156f8b4cab34c7bc1a0acc.ja.html Show response
platform.twitter.com/widgets/ Frame BFEC 37 KB
14 KB 14ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.f88235f49a156f8b4cab34c7bc1a0acc.ja.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BE) /
Resource Hash: db472fb2602df1302e3037f408323a2526ef70c0912c0354309b57fe59d19297

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ponta-money.work/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ponta-money.work/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 214244
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 21 Aug 2021 07:14:19 GMT
Etag: "7bbedeb3f951490fe07215cd8ca17db6+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:43 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BE)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 14067

GET
DATA 200
OK truncated
/ Frame 0757 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame 489B
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
571 B

6ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: ponta-money.work
URL: https://ponta-money.work/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BE) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://ponta-money.work
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 214544
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 21 Aug 2021 07:14:19 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Mon, 02 Aug 2021 20:34:56 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BE)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

date: Sat, 21 Aug 2021 07:14:19 GMT
pragma: no-cache
server: tsa_o
status: 302 Found
expires: Tue, 31 Mar 1981 05:00:00 GMT
location: https://platform.twitter.com/jot.html
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Sat, 21 Aug 2021 07:14:19 GMT
x-transaction: 5e066526de7096b6
content-length: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
x-connection-hash: dd9c767bb46cfb8e85465d72650206e616619a08c8d9c65fbb221f59746c9d32

GET
H2 200 css
fonts.googleapis.com/ Frame 8F94 8 KB
809 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=753&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=1YHSUF04mp&p=https%3A//ponta-money.work&dtd=27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 21 Aug 2021 06:51:11 GMT
server: ESF
date: Sat, 21 Aug 2021 07:14:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 Aug 2021 07:14:19 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8F94 116 KB
30 KB 31ms
31ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:300,400,500,700&text=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6a5a122b16dafe6bc413c43f8234317c1b2d29333dd3444f9e0c20a84261c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 21 Aug 2021 07:14:19 GMT
server: ESF
date: Sat, 21 Aug 2021 07:14:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 Aug 2021 07:14:19 GMT

GET
H2 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 8F94 31 KB
12 KB 35ms
12ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/m_js_controller_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f7518bdbb2f1de962712e98d51270975c9ae40f5fa9c82d0803f47023c0f904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12648
x-xss-protection: 0
server: cafe
etag: 3919984641620196875
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 07:04:36 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8F94 124 KB
37 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:19 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458990649126"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38246
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:14:19 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame 8F94 18 KB
8 KB 28ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 11770686601635027189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 07:12:01 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 8F94 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 07:13:10 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 8F94 14 KB
6 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 07:11:56 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8F94 0
0 17ms
16ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSWg31fb_marfPPQHqZQotXzhfMfs3NuiiOhenFe7TKtAmjR7Rx8IeM0O6bnZFRXQxN43qU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=753&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=1YHSUF04mp&p=https%3A//ponta-money.work&dtd=27
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ Frame F561 8 KB
786 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280&nras=3&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3OsgDv3Fov&p=https%3A//ponta-money.work&dtd=22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 21 Aug 2021 06:38:56 GMT
server: ESF
date: Sat, 21 Aug 2021 07:14:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 Aug 2021 07:14:19 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F561 116 KB
30 KB 50ms
50ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:300,400,500,700&text=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280&nras=3&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3OsgDv3Fov&p=https%3A//ponta-money.work&dtd=22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6a5a122b16dafe6bc413c43f8234317c1b2d29333dd3444f9e0c20a84261c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 21 Aug 2021 07:14:19 GMT
server: ESF
date: Sat, 21 Aug 2021 07:14:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 Aug 2021 07:14:19 GMT

GET
H2 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame F561 31 KB
12 KB 25ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280&nras=3&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3OsgDv3Fov&p=https%3A//ponta-money.work&dtd=22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f7518bdbb2f1de962712e98d51270975c9ae40f5fa9c82d0803f47023c0f904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12648
x-xss-protection: 0
server: cafe
etag: 3919984641620196875
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 07:04:36 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame F561 18 KB
8 KB 19ms
11ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280&nras=3&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3OsgDv3Fov&p=https%3A//ponta-money.work&dtd=22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 11770686601635027189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 07:12:01 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame F561 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280&nras=3&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3OsgDv3Fov&p=https%3A//ponta-money.work&dtd=22

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 07:13:10 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F561 124 KB
37 KB 40ms
25ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280&nras=3&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3OsgDv3Fov&p=https%3A//ponta-money.work&dtd=22

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:20 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458990649126"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38246
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:14:20 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame F561 14 KB
6 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280&nras=3&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3OsgDv3Fov&p=https%3A//ponta-money.work&dtd=22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 07:11:56 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F561 0
0 13ms
13ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQekArDUGlHgiYSCQJyZOBAthUBAS6FnKb-aiskjNgRdMvkKDNMELKvh6sAmNOnQbSi_WRO
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280&nras=3&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3OsgDv3Fov&p=https%3A//ponta-money.work&dtd=22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 css
fonts.googleapis.com/ Frame 94B6 8 KB
713 B 26ms
23ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=ja

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=eprOVwQg4Q&p=https%3A//ponta-money.work&dtd=25

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 21 Aug 2021 07:14:20 GMT
server: ESF
date: Sat, 21 Aug 2021 07:14:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 Aug 2021 07:14:20 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 94B6 116 KB
30 KB 29ms
27ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:300,400,500,700&text=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=eprOVwQg4Q&p=https%3A//ponta-money.work&dtd=25

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6a5a122b16dafe6bc413c43f8234317c1b2d29333dd3444f9e0c20a84261c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 21 Aug 2021 07:08:49 GMT
server: ESF
date: Sat, 21 Aug 2021 07:14:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 Aug 2021 07:14:20 GMT

GET
H3-29 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 94B6 31 KB
12 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=eprOVwQg4Q&p=https%3A//ponta-money.work&dtd=25

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f7518bdbb2f1de962712e98d51270975c9ae40f5fa9c82d0803f47023c0f904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12648
x-xss-protection: 0
server: cafe
etag: 3919984641620196875
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 07:04:36 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame 94B6 18 KB
7 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=eprOVwQg4Q&p=https%3A//ponta-money.work&dtd=25

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 11770686601635027189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 07:14:06 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 94B6 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=eprOVwQg4Q&p=https%3A//ponta-money.work&dtd=25

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 07:13:10 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 94B6 124 KB
37 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=eprOVwQg4Q&p=https%3A//ponta-money.work&dtd=25

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:20 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458990649126"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38246
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:14:20 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 94B6 14 KB
6 KB 26ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=eprOVwQg4Q&p=https%3A//ponta-money.work&dtd=25

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 07:11:56 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame BC0C 18 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=280&adk=1549541974&adf=789705359&pi=t.aa~a.4263631882~rp.3&w=336&fwrn=4&fwrnh=100&lmt=1629494175&rafmt=1&to=qs&pwprc=6176317352&psa=0&format=336x280&url=https%3A%2F%2Fponta-money.work%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=753&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0&nras=2&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=unwji9Wwcs&p=https%3A//ponta-money.work&dtd=10

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 11770686601635027189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 07:14:06 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame BC0C 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 07:13:10 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC0C 124 KB
37 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:20 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458990649126"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38246
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:14:20 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame BC0C 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 07:11:56 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/ Frame 9965 23 KB
6 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1746cc85018bab92f0442999d488e5bd3a39a132966b50133a3ccfccdf708d1d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Thu, 19 Aug 2021 12:20:15 GMT
expires: Fri, 19 Aug 2022 12:20:15 GMT
last-modified: Fri, 13 Aug 2021 14:40:00 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 6580
age: 154445
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame BC0C 0
0 30ms
29ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpX_My6cgYbmcIJCA7_UP_-yYyASlqeOzZPr_z7bFDuOftY7FARABIKGJwHRglQKgAZ_StbcByAEJqQIw1RPkHaGzPqgDAcgDSKoEuwFP0HCTVtGU4Co2I5COqCCgCgh4VZWSdLawr_V1yGq42OZp4kye6N7L6qVtPrfo7Gi8H0MWzhSGnDzbRfSXYEvUwtElsp4itZutd8PD8YcPVloESEu9JgEsZXg30eiwzmr_5WLsfervNzZ_1SSFTpLHZgk-iZ_E_9t2WNTKQUM9kssAxblZghOS32nzAss6ExSmFVV8_F6I_XdBM9l7-5QaM9JmLeuZLb39lRQnIW45Oa6a7j2qs3fWj4K-wATll7_j0wOSBQQIBBgBkgUECAUYBKAGLoAHya3KyAKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQns8K0ggJCIDhgHAQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTk4NjI3NzU3MDQ0OTkwNTcYAA&sigh=J4qxpvrvXhk&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=280&adk=1549541974&adf=789705359&pi=t.aa~a.4263631882~rp.3&w=336&fwrn=4&fwrnh=100&lmt=1629494175&rafmt=1&to=qs&pwprc=6176317352&psa=0&format=336x280&url=https%3A%2F%2Fponta-money.work%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=753&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0&nras=2&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=unwji9Wwcs&p=https%3A//ponta-money.work&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 21 Aug 2021 07:14:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9539 143 B
163 B 8ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=280&adk=1549541974&adf=789705359&pi=t.aa~a.4263631882~rp.3&w=336&fwrn=4&fwrnh=100&lmt=1629494175&rafmt=1&to=qs&pwprc=6176317352&psa=0&format=336x280&url=https%3A%2F%2Fponta-money.work%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=753&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0&nras=2&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=unwji9Wwcs&p=https%3A//ponta-money.work&dtd=10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnObWScx9o0np6pGs6J3YwbACKONMOyrrp4TvzFuKVCQ8omCg5n13ZAAqMkkOY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=280&adk=1549541974&adf=789705359&pi=t.aa~a.4263631882~rp.3&w=336&fwrn=4&fwrnh=100&lmt=1629494175&rafmt=1&to=qs&pwprc=6176317352&psa=0&format=336x280&url=https%3A%2F%2Fponta-money.work%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=753&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0&nras=2&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=unwji9Wwcs&p=https%3A//ponta-money.work&dtd=10

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 21 Aug 2021 06:42:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1882
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame BC0C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72a0ecf12e0cbc3800946e148a86a1c6175bd37c090ce8b80b076cafe2fc2c02

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2237667728196434247/ Frame 8F94 25 KB
25 KB 126ms
125ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2237667728196434247/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIvwIQpwEYASABLQAAAD8wwAI4pwFFAACAPw&rs=AOga4qm4dqlaConSlSwtnWcBph0D0zdOjw

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccfeed830055044756c2bd8c8f77a26196510a4d4134b0a09828d5ea2d8e3663

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 26 May 2020 08:28:06 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25356
x-xss-protection: 0
expires: Sun, 21 Aug 2022 07:14:20 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8F94 0
0 30ms
30ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-f10y6cgYYuRId-P7_UP6J2D4Af63MPHY8TFtYqKDKz3o9ueGxABIKGJwHRglQKgAd6I5YYDyAEGqQIw1RPkHaGzPqgDAcgDywSqBLoBT9D1H6XkDzlq6cVMlyfZ1FTv-y10XsWolo268BxKREvcGwHme6wOIqlaD6YEGcyKTZjycY8VwCdepf0vCPCZ3DRVqhmlfpfBsNKW-reA-pFCk2JxVYwJ1VVOLooIlWkCWLRuidJkAy5vSZ4BP80OJL1lLQYcN_ityvVJz1pA-2emcMiT99sbDYCQ-Hm4xb_-6PHYUgIaxNBU5YpX6Xvmg0Jgye7vz_Xz6zML9xzuHo6xq3ddb-O55Pj8wATqkMD-7QGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AHiveaeagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDE3RbSCAkIgOGAcBABGB-ACgHICwHYEw2IFAvQFQGYFgGAFwGyFxwKGggAEhRwdWItOTg2Mjc3NTcwNDQ5OTA1NxgA&sigh=lMTbi0StPL0&template_id=492

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=753&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=1YHSUF04mp&p=https%3A//ponta-money.work&dtd=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 21 Aug 2021 07:14:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C5B8 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=753&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=1YHSUF04mp&p=https%3A//ponta-money.work&dtd=27
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnObWScx9o0np6pGs6J3YwbACKONMOyrrp4TvzFuKVCQ8omCg5n13ZAAqMkkOY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=753&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=1YHSUF04mp&p=https%3A//ponta-money.work&dtd=27

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 21 Aug 2021 06:42:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1882
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8F94 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a922d303f74d2d9e594dd0fd3b55fc0d23163d463d754e3294ddd87b541a89f2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 8F94 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 01:12:52 GMT
x-content-type-options: nosniff
age: 367288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 01:12:52 GMT

GET
H2 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.119.woff2
fonts.gstatic.com/s/notosansjp/v28/ Frame 8F94 50 KB
50 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v28/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:300,400,500,700&text=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839c37491e75f874f27d008facea2ca67a0ee1ac4b4cf08cea849cd867f8a481

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 03:10:00 GMT
x-content-type-options: nosniff
age: 360260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51132
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:33:20 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 03:10:00 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14979880625476255629/ Frame F561 18 KB
18 KB 46ms
46ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14979880625476255629/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIvwIQpwEYASABLQAAAD8wwAI4pwFFAACAPw&rs=AOga4ql_nq6pkPh-pCrPWrIeEeDQ3PcVtw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280&nras=3&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3OsgDv3Fov&p=https%3A//ponta-money.work&dtd=22

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc0cbc465a0d1dfd3d2deb8ba61ea6e69364d0cc01caa59674a82fea8e72b0fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Aug 2021 07:43:34 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18614
x-xss-protection: 0
expires: Sun, 21 Aug 2022 07:14:20 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 76D8 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280&nras=3&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3OsgDv3Fov&p=https%3A//ponta-money.work&dtd=22

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280&nras=3&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3OsgDv3Fov&p=https%3A//ponta-money.work&dtd=22
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnObWScx9o0np6pGs6J3YwbACKONMOyrrp4TvzFuKVCQ8omCg5n13ZAAqMkkOY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280&nras=3&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3OsgDv3Fov&p=https%3A//ponta-money.work&dtd=22

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 21 Aug 2021 06:42:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1882
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2511341887701898134/ Frame 94B6 13 KB
13 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2511341887701898134/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIvwIQpwEYASABLQAAAD8wwAI4pwFFAACAPw&rs=AOga4qnc-HOhYy1J_LW8J_0ahTCq9D4K3g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=eprOVwQg4Q&p=https%3A//ponta-money.work&dtd=25

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11f2428ca2f488b7691c6688ab9250d6c8383d1a09e111223708c0daac8d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 01:23:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 14:49:52 GMT
server: sffe
age: 107457
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13534
x-xss-protection: 0
expires: Sat, 20 Aug 2022 01:23:23 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 94B6 0
0 30ms
30ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkECJy6cgYfqYIbjO7_UPvpCV0ArM9biFZOqwheWmDom-8PeDAhABIKGJwHRglQKgAebjq-sDyAEGqQIw1RPkHaGzPqgDAcgDywSqBLkBT9CzHYV8s8lqo6JThXaWzSkEqkJoXtT6J5EcZ3R2alQ6qd8RH3xD3RQRudkNiQbw3XmUtSrnglPNzLv9AsJIRL52DNLFBOw_6IvgEd-YgbS05LEymD4Kmf9bgxeeAy9dHg2CwCLJxEykzl2MXVSnCWeaMlVJEHn0KAlPs5La1DhP5eKfliqH_K6-0vd6rDbwwKpVpvoHqmygXjCr8UqA5QpbVv-4ZaOWDZVZh7ymlj1rmNbqJY-cug7ABL6gmsfOA5IFBAgEGAGSBQQIBRgEoAY3gAeu__ksqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEMGLFtIICQiA4YBwEAEYH4AKAcgLAdgTDYgUA9AVAYAXAbIXHAoaCAASFHB1Yi05ODYyNzc1NzA0NDk5MDU3GAA&sigh=bg59gVsfOGk&template_id=492

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=eprOVwQg4Q&p=https%3A//ponta-money.work&dtd=25

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=eprOVwQg4Q&p=https%3A//ponta-money.work&dtd=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 21 Aug 2021 07:14:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D64D 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=eprOVwQg4Q&p=https%3A//ponta-money.work&dtd=25

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=eprOVwQg4Q&p=https%3A//ponta-money.work&dtd=25
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnObWScx9o0np6pGs6J3YwbACKONMOyrrp4TvzFuKVCQ8omCg5n13ZAAqMkkOY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=eprOVwQg4Q&p=https%3A//ponta-money.work&dtd=25

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 21 Aug 2021 06:42:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1882
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame F561 16 KB
16 KB 16ms
14ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 17:17:27 GMT
x-content-type-options: nosniff
age: 309413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 17:17:27 GMT

GET
H3-29 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.119.woff2
fonts.gstatic.com/s/notosansjp/v28/ Frame F561 50 KB
50 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v28/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:300,400,500,700&text=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839c37491e75f874f27d008facea2ca67a0ee1ac4b4cf08cea849cd867f8a481

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:56:39 GMT
x-content-type-options: nosniff
age: 328661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51132
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:33:20 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 11:56:39 GMT

GET
DATA 200
OK truncated
/ Frame 94B6 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 967fa2913be44acbb7db53d8c4d2ed52d48f7ef586e4d2914ba08ae0894f8c45

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 94B6 16 KB
16 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=ja

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 17:17:27 GMT
x-content-type-options: nosniff
age: 309413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 17:17:27 GMT

GET
H3-29 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.119.woff2
fonts.gstatic.com/s/notosansjp/v28/ Frame 94B6 50 KB
50 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v28/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:300,400,500,700&text=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839c37491e75f874f27d008facea2ca67a0ee1ac4b4cf08cea849cd867f8a481

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:56:39 GMT
x-content-type-options: nosniff
age: 328661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51132
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 04:33:20 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 11:56:39 GMT

GET
DATA 200
OK truncated
/ Frame F561 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30105b14706077893415eef8550e24c366af19e0e39292306daa53ce0a5da1bd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 9965 9 KB
3 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 21 Aug 2021 19:35:50 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9965 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67007
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 21 Aug 2021 12:37:33 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame F561 0
17 B 30ms
30ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSKCUy6cgYdrzIMuLlQe1mLTIDIvstKlj5bL9zusNzPHW4-0lEAEgoYnAdGCVAqAB29yvwALIAQapAjDVE-QdobM-qAMByAPLBKoEuwFP0BWpJt68eraDChwEQWyXhJI9nwAAA1kRKdXm41XFla8FrWkQqLz4o-Q1-Mv_Ha4hAS5_EooICyjKCZssHGEphQr8nERZS9E9WsWVBuzW7pe-aZp1AUPR9vsfrL6SZjxkbDNsBHbiTaAfXNQD02jodXNphPMfcOIJQbTNPdtcOuZ5eOiSCziSy37mM1Fw9BRlwcHCK9tg0H-ya7ormOx_n_dCK4uIo4WalAE0Lo2xYbkOaXNY5MUjHEKqwATXvsL61wOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AHrK6fpQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ-JhU0ggJCIDhgHAQARgfgAoByAsB2BMNiBQE0BUBgBcBshccChoIABIUcHViLTk4NjI3NzU3MDQ0OTkwNTcYAA&sigh=y9D4gDidGUg&template_id=492&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280&nras=3&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3OsgDv3Fov&p=https%3A//ponta-money.work&dtd=22

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280&nras=3&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3OsgDv3Fov&p=https%3A//ponta-money.work&dtd=22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 21 Aug 2021 07:14:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 bg4.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/ Frame 9965 18 KB
18 KB 15ms
13ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/bg4.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8cbe3c94cc68f9e0ea1570f9e9a79aca95cd1f1e7fa70c0745bcfb5b757feab

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 33083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18523
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 14:40:00 GMT
server: sffe
date: Fri, 20 Aug 2021 22:02:57 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 22:02:57 GMT

GET
H3-29 200 bg3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/ Frame 9965 20 KB
20 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/bg3.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b7cb8b0f87d8617af6e450c2d5ae1da271e85822edc9b2453a64af3c4e41baf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 33083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20591
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 14:40:00 GMT
server: sffe
date: Fri, 20 Aug 2021 22:02:57 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 22:02:57 GMT

GET
H3-29 200 bg2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/ Frame 9965 18 KB
18 KB 12ms
10ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/bg2.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45ba8bccc0b5be1a01972e5b5b2c5acb3e2e92be862b8fe3f222925dfe7f62e1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 177172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18088
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 14:40:00 GMT
server: sffe
date: Thu, 19 Aug 2021 06:01:28 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Aug 2022 06:01:28 GMT

GET
H3-29 200 bg1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/ Frame 9965 16 KB
17 KB 14ms
12ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/bg1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44db28cb8b73cba93ddf6e6efe1af4648c8ea8075f12082415c68901c4d7592d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 33083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16889
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 14:40:00 GMT
server: sffe
date: Fri, 20 Aug 2021 22:02:57 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 22:02:57 GMT

GET
H3-29 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/ Frame 9965 857 B
884 B 17ms
15ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e4eff6afcb917dbf00e684325f4dbccec283fd12ec976eaa631c1c8c49e6ab6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 33083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 857
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 14:40:00 GMT
server: sffe
date: Fri, 20 Aug 2021 22:02:57 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 22:02:57 GMT

GET
H3-29 200 copy1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/ Frame 9965 4 KB
4 KB 21ms
19ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/copy1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57faeeaa9a50b8e8be69684c83753733ec0e550185c7fbe370dfe704ec4568eb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 33083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3701
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 14:40:00 GMT
server: sffe
date: Fri, 20 Aug 2021 22:02:57 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 22:02:57 GMT

GET
H3-29 200 copy2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/ Frame 9965 4 KB
4 KB 20ms
19ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/copy2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

756f1adf8481bf0d907fc698e20d1ba8cc9f846abb3477c7faf6dd6ab4e864de

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 177308
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4008
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 14:40:00 GMT
server: sffe
date: Thu, 19 Aug 2021 05:59:12 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Aug 2022 05:59:12 GMT

GET
H3-29 200 copy3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/ Frame 9965 4 KB
4 KB 17ms
16ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/copy3.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43e26c0c57f2b33325502052e76cfd30d4419cae2f8519bfecba3ccc8a2f8289

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 33083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4558
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 14:40:00 GMT
server: sffe
date: Fri, 20 Aug 2021 22:02:57 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 22:02:57 GMT

GET
H3-29 200 endFrame1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/ Frame 9965 684 B
713 B 20ms
18ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/endFrame1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9713e74a6a6f33d63feff2e65c67c709ca09b4b6c3841e6ce9817ada229d4450

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 33083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 684
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 14:40:00 GMT
server: sffe
date: Fri, 20 Aug 2021 22:02:57 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 22:02:57 GMT

GET
H3-29 200 endFrame2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/ Frame 9965 550 B
579 B 19ms
18ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/endFrame2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2f606ad2bf21f4aa26bb26ad620ddb4acc89f486a734c29f4c0256fbb4407f6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 33083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 550
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 14:40:00 GMT
server: sffe
date: Fri, 20 Aug 2021 22:02:57 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 22:02:57 GMT

GET
H3-29 200 endFrame3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/ Frame 9965 3 KB
3 KB 18ms
17ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/endFrame3.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a0c02f6e17cc5620293059d304f35739d73e5c11caed46af18d010c200e5f5f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 176018
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3244
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 14:40:00 GMT
server: sffe
date: Thu, 19 Aug 2021 06:20:42 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Aug 2022 06:20:42 GMT

GET
H3-29 200 endFrame4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/ Frame 9965 2 KB
2 KB 18ms
17ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/endFrame4.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc9a464d84b1829803cf8fddd799fa48f80d804eda0d7dfa3f67fbdd4933cc5d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 33083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1611
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 14:40:00 GMT
server: sffe
date: Fri, 20 Aug 2021 22:02:57 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 22:02:57 GMT

GET
H3-29 200 cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/ Frame 9965 783 B
811 B 16ms
15ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/images/cta.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7435755204904268727/Front_300x250_v4_modified/Front_300x250_v4/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9248542b55f10b006b86fd81d43c2f1ebf570293d74a331ec7daed7f63149dec

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 176071
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 783
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 14:40:00 GMT
server: sffe
date: Thu, 19 Aug 2021 06:19:49 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Aug 2022 06:19:49 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9539
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

23ms
22ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnObWScx9o0np6pGs6J3YwbACKONMOyrrp4TvzFuKVCQ8omCg5n13ZAAqMkkOY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 21 Aug 2021 07:14:20 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 21-Aug-2021 08:14:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 21 Aug 2021 07:14:20 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 21 Aug 2021 07:14:20 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C5B8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnObWScx9o0np6pGs6J3YwbACKONMOyrrp4TvzFuKVCQ8omCg5n13ZAAqMkkOY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 21 Aug 2021 07:14:20 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 21-Aug-2021 08:14:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 21 Aug 2021 07:14:20 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 21 Aug 2021 07:14:20 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 76D8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

23ms
23ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280&nras=3&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3OsgDv3Fov&p=https%3A//ponta-money.work&dtd=22

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnObWScx9o0np6pGs6J3YwbACKONMOyrrp4TvzFuKVCQ8omCg5n13ZAAqMkkOY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 21 Aug 2021 07:14:20 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 21-Aug-2021 08:14:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 21 Aug 2021 07:14:20 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 21 Aug 2021 07:14:20 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D64D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

23ms
23ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=eprOVwQg4Q&p=https%3A//ponta-money.work&dtd=25

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnObWScx9o0np6pGs6J3YwbACKONMOyrrp4TvzFuKVCQ8omCg5n13ZAAqMkkOY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 21 Aug 2021 07:14:20 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 21-Aug-2021 08:14:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 21 Aug 2021 07:14:20 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 21 Aug 2021 07:14:20 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js Show response
pagead2.googlesyndication.com/bg/ Frame F514 35 KB
13 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6e0cf33bd31faca2542d9376cc2a8b9722904e24cc4d3bfc121048e46c244ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 06:15:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13303
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Aug 2022 06:15:51 GMT

GET
H2 200 1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js Show response
pagead2.googlesyndication.com/bg/ Frame 163A 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=eprOVwQg4Q&p=https%3A//ponta-money.work&dtd=25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6e0cf33bd31faca2542d9376cc2a8b9722904e24cc4d3bfc121048e46c244ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 06:15:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13303
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Aug 2022 06:15:51 GMT

GET
H3-29 200 1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js Show response
pagead2.googlesyndication.com/bg/ Frame 9965 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6e0cf33bd31faca2542d9376cc2a8b9722904e24cc4d3bfc121048e46c244ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 22:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13303
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 22:20:30 GMT

GET
H3-29 200 1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js Show response
pagead2.googlesyndication.com/bg/ Frame 8155 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059500&bpp=1&bdt=752&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc366dbb9ac9dcad4-22ca7393b1c90024%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZSwaUb1EZ1qtm4L39ZcB1CMImWag&prev_fmts=0x0%2C336x280&nras=3&correlator=2372059047349&frm=20&pv=1&ga_vid=1773199992.1629530059&ga_sid=1629530059&ga_hid=941893096&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C182982200%2C31062314%2C20211866%2C31062179%2C31062297&oid=3&pvsid=1228144145124997&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3OsgDv3Fov&p=https%3A//ponta-money.work&dtd=22

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6e0cf33bd31faca2542d9376cc2a8b9722904e24cc4d3bfc121048e46c244ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 22:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13303
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 22:20:30 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 32ms
18ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210812&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c78e0712514a0fc2232eba9dba936bc5ee7beae6822d0c595242313608dbebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:14:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8586
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:14:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:14:20 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7A0E 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ponta-money.work/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ponta-money.work/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 20 Aug 2021 18:33:19 GMT
expires: Sat, 20 Aug 2022 18:33:19 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 45661
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 19CA 783 B
531 B 16ms
16ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

97ace3d4488ed502aa0964612a0d1ddc034eea681f606b0e4e1931fe0836eaae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vwuGaSZRycHWVxsSI0LiBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ponta-money.work/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ponta-money.work/

Response headers

expires: Sat, 21 Aug 2021 07:14:20 GMT
date: Sat, 21 Aug 2021 07:14:20 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-vwuGaSZRycHWVxsSI0LiBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js Show response
pagead2.googlesyndication.com/bg/ Frame 7A0E 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6e0cf33bd31faca2542d9376cc2a8b9722904e24cc4d3bfc121048e46c244ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 22:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13303
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 22:20:30 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 29ms
29ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210812&jk=1228144145124997&bg=!Xl2lXRnNAAZvV8FTb1c7ACkAdvg8WtzpgYxgIRzkJ3ipZ3hfeLePj8i6MfsUNIJE--L5lrIsd4OCKAIAAABIUgAAAApoAQcKABT8j0wiE0Bs-rG0UUciVUBb4RAKb5kChD7oJ8_DEDD9R--u7GAeA6tULtKCqVxSiiwHLEB0o66rHsO0zXY51Btnksom1MShFGugblrHQE5r10bgihF04dLUKUNZiKucfFmkSnfDgAyhBdjbKflUMkb_pM8ebHp2mZPJv2uW8QvqIUOis4SBIjlYWCgaoS_XgBufO10ZLZlI6YQuAW6mBz5ly_4Lqu52CuA_74or8VsMAXNsFYU9GdFEeh1AfS760D1HWJ_Yw08BWdgxxwCngCWq9uf2qu-88SGemDDCbGIcVCLCrWP9I70pljrrc6lc1dgviMdiEyz4jcfI8vZ08V12bgZzMMdgBuEXeFyzGdHILNuokXVyAS1GII-Y60190oXyli1osC3pMZBc2ML98gWolA7GOVW29DaMbaLay2S5JgufQHy0EqlvikRnVZ15x7jHtVy5b-VMkRsGpKjRriQGGkN9mEM2zlHKZVDWqy924MUHI5fkydqKqXQlzm0ri4fdEZSJvASICEFX03y_LYOT9KPZzcNbhvo03trxkwnqbt2dom_he7Uaq3tj7UypvYma__jeKqw2pdAR6Gq9pIyzNj0uYhgLb-tXMu51RF7jY4eJMPDii47SB6UjJE2wGEjkkPTAfqwFWA9VyEWSygKN7BNhcUx1751d-hfZD9PfuJYXtvLT15cbx7Aa14ApP94gSH990AAnydyBL_Thw8Jxr5RiF6lMRNB5z1dRUqcofb-UQIUyn-pvdTbswhI6EMbUtcQ0iytToxWF-DopsrWJlKBCBwluWC6pjwOEWKlOd2SnMJRK_EhDfDe5h8x3TgQUYt0oKdoS8DVZWFxhBSyMihlJIz2U7DBkKcfU2aed9xrt-O6LhU3OTNWP

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ponta-money.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:14:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 20:38:53	Name: DSID Value: NO_DATA
			.doubleclick.net/	1970-01-20 06:00:26	Name: IDE Value: AHWqTUnObWScx9o0np6pGs6J3YwbACKONMOyrrp4TvzFuKVCQ8omCg5n13ZAAqMkkOY

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.1/jquery-migrate.min.js?ver=3.0.1(Line 33) Message: JQMIGRATE: Migrate is installed, version 3.0.1
console-api	log	URL: https://ponta-money.work/(Line 19) Message: ServiceWorker registration successful with scope: https://ponta-money.work/
console-api	log	URL: https://ponta-money.work/(Line 22) Message: ServiceWorker update successful

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
cdn.blog.st-hatena.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cocablog.site
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i2.wp.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
ponta-money.work
syndication.twitter.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.ponta-money.work
zubosiba.com
103.3.2.32
104.244.42.8
142.250.184.226
183.181.84.135
183.181.84.69
192.0.77.2
2.18.234.65
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:125e
2a00:1450:4001:803::2002
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2003
2a04:4e42:3::485
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
067403dc435e7c7b9d092c84676508f411d816ba987808da2f0e5717ba5e46dd
0b7cb8b0f87d8617af6e450c2d5ae1da271e85822edc9b2453a64af3c4e41baf
0f576e6da409208815ca5163836e92afddf8346797705a0902161ba840040116
11f2428ca2f488b7691c6688ab9250d6c8383d1a09e111223708c0daac8d02ef
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1743b54e611ae08f0ddb89d8d1bc9ae7d78feacbd672c86a5f5bb3c1a582e05e
1746cc85018bab92f0442999d488e5bd3a39a132966b50133a3ccfccdf708d1d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c78e0712514a0fc2232eba9dba936bc5ee7beae6822d0c595242313608dbebe
22ee390b26ecf4998aaec7c60cefca34e7729635fa259f102074c4cfcc18e3c7
2c59951200b3f526131f8669cddd0205a176b1eb8f970aeeb3d3a48dbabba153
30105b14706077893415eef8550e24c366af19e0e39292306daa53ce0a5da1bd
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e
3f7518bdbb2f1de962712e98d51270975c9ae40f5fa9c82d0803f47023c0f904
4127b48be4434fdef1643c23f88bf9d4f782500774773c4ec8a56d9e607e0b01
41b2b8a681e4809974e473a14680715a99b7481fb6cec4120d8f799a8740a71b
43e26c0c57f2b33325502052e76cfd30d4419cae2f8519bfecba3ccc8a2f8289
44db28cb8b73cba93ddf6e6efe1af4648c8ea8075f12082415c68901c4d7592d
45ba8bccc0b5be1a01972e5b5b2c5acb3e2e92be862b8fe3f222925dfe7f62e1
4a0c02f6e17cc5620293059d304f35739d73e5c11caed46af18d010c200e5f5f
4e4eff6afcb917dbf00e684325f4dbccec283fd12ec976eaa631c1c8c49e6ab6
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
51c82a45def57f7d137067d508bdd79be096b85eda834315f5c4ebcca8fec3a7
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
56441671998f6ad149c4fb0cac2c0af65b6f9c8d411873ad86c21c50985c4e34
5648ace9fd42b6d8bd1c74e31ffb0f9527826877457fe064790f048b37c07fce
57faeeaa9a50b8e8be69684c83753733ec0e550185c7fbe370dfe704ec4568eb
5a858d60bf50b0108d2dcfe8351f694c425d811615e2588e659030050693eb50
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
66c47e95e2ac18d9e71b1eeb1664d31499133817fa93ea09cde1c228eb13a137
6743649c9f9a466a1d18445a11e0b85f6bb5cf958637f996af0ea5b755b716ff
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
72a0ecf12e0cbc3800946e148a86a1c6175bd37c090ce8b80b076cafe2fc2c02
756f1adf8481bf0d907fc698e20d1ba8cc9f846abb3477c7faf6dd6ab4e864de
789b15ca15e37b0858a53ed1afa01d4f6da3a8c7c21d61999ae5112d98eb0a9a
7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf
7c47876d0ea888f37089a5b2ce560adb8347b58f0627383874313e1a514194c4
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839c37491e75f874f27d008facea2ca67a0ee1ac4b4cf08cea849cd867f8a481
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
87867176efe3326b0bb4caca2ad02723286a18205090923f332930aa12c44342
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
903425490c1b5e8b5fcb5527ccfaf91c4b01b9f17f4ce6319f6947a4d3929722
9248542b55f10b006b86fd81d43c2f1ebf570293d74a331ec7daed7f63149dec
967fa2913be44acbb7db53d8c4d2ed52d48f7ef586e4d2914ba08ae0894f8c45
9713e74a6a6f33d63feff2e65c67c709ca09b4b6c3841e6ce9817ada229d4450
97ace3d4488ed502aa0964612a0d1ddc034eea681f606b0e4e1931fe0836eaae
9f5348f5011726b3040005ebe5b95a773d639d4bd9876c6e9c982204d009ab61
a33fad02887bffcc21ba25782e3472bbc8474c87b06b88aaf890333ec9804e0d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a922d303f74d2d9e594dd0fd3b55fc0d23163d463d754e3294ddd87b541a89f2
aa8b2a449f4bd08d60d370bc75b02f2720022e93842a7118f74cec199975a195
b02dfd272ecdd8b4736df5fb3e0704e64453255f40aa230037857243585101a8
b09648bdaba00278effdb4cfee27d8d77102d3a93575a9718cee4fe7c204b57b
b5b3b78060934b27d88d694a3f65e5847097f62d5ffc862ae98e5ce482f74da7
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc0cbc465a0d1dfd3d2deb8ba61ea6e69364d0cc01caa59674a82fea8e72b0fc
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bf5af1b082cec0c615b9bb2a8dce56e5f7ea9ef14f2897845dd7519779c8c834
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
cc9a464d84b1829803cf8fddd799fa48f80d804eda0d7dfa3f67fbdd4933cc5d
ccfeed830055044756c2bd8c8f77a26196510a4d4134b0a09828d5ea2d8e3663
cfcc038eafff1dd7ea8508b07b03b46f1c0cc60fb0d3eb624bc1126b2a613e20
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6e0cf33bd31faca2542d9376cc2a8b9722904e24cc4d3bfc121048e46c244ea
d85aa7b9b7daeb7c8ac3493886175d4b159316fadb993ec6942ea295248d15af
d8cbe3c94cc68f9e0ea1570f9e9a79aca95cd1f1e7fa70c0745bcfb5b757feab
db472fb2602df1302e3037f408323a2526ef70c0912c0354309b57fe59d19297
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
e08f64e5c56e8de6a33a9b7654c38fdf9465db358d3d1174b32d652bbfdd4d30
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4507fb30c4deea59b3fc01f9b3fb358ce1df6e4cd40d1bf7ccfb56dc6e0f8d4
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e6a5a122b16dafe6bc413c43f8234317c1b2d29333dd3444f9e0c20a84261c13
f05e46a34bf9cc6350fd9b37797b22cf7027ecaa3e06810b6a89f399867a117f
f2f606ad2bf21f4aa26bb26ad620ddb4acc89f486a734c29f4c0256fbb4407f6
f84772ceddcf73e446db792c2330a0acbc2140c38d26b64351445136e4f0de86
fa33a3232ddeca475245ee4e42762253f6bb3e5ffed8e634e4a696af91eee9e2
fac02a96e87d9afaa0ccb933490c281386d6f3b3971e419c747fd6e1f5875e1f
fb1f6524f7e0e23f05465015933809b3761dfb0e1df4b568074c0b4275084701

ponta-money.work Open in urlscan Pro 103.3.2.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

130 Requests

100 %HTTPS

75 %IPv6

18 Domains

23 Subdomains

29 IPs

3 Countries

4173 kBTransfer

6585 kBSize

2 Cookies

7 Outgoing links

Page URL History

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ponta-money.work Open in urlscan Pro
103.3.2.32 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

100 %
HTTPS

75 %
IPv6

18
Domains

23
Subdomains

29
IPs

3
Countries

4173 kB
Transfer

6585 kB
Size

2
Cookies

130 HTTP transactions
5 data transactions