urlscan.io logo urlscan.io
SecurityTrails logo

secure.whatsthatcharge.com Open in urlscan Pro
34.196.154.11  Public Scan

Go To Rescan Add Verdict Report
URL: https://secure.whatsthatcharge.com/
Submission: On February 12 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 36 HTTP transactions. The main IP is 34.196.154.11, located in United States and belongs to AMAZON-AES, US. The main domain is secure.whatsthatcharge.com.
TLS certificate: Issued by R3 on February 12th 2021. Valid for: 3 months.
This is the only time secure.whatsthatcharge.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

15    34.196.154.11 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-154-11.compute-1.amazonaws.com
secure.whatsthatcharge.com
8    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
1    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
adservice.google.com
1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
partner.googleadservices.com
1    151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    162.247.242.21 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-9.nr-data.net
bam.nr-data.net
Domain Requested by
15 secure.whatsthatcharge.com secure.whatsthatcharge.com
5 pagead2.googlesyndication.com secure.whatsthatcharge.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 bam.nr-data.net js-agent.newrelic.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 ssl.google-analytics.com secure.whatsthatcharge.com
2 www.google-analytics.com secure.whatsthatcharge.com
www.google-analytics.com
1 js-agent.newrelic.com secure.whatsthatcharge.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
36 12
Subject Issuer Validity Valid
secure.whatsthatcharge.com
R3		 2021-02-12 -
2021-05-13		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-12-28 -
2021-05-07		 4 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh

This page contains 5 frames:

Primary Page: https://secure.whatsthatcharge.com/
Frame ID: DD2D9096FC67DF49465F4EFEC1603174
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html
Frame ID: 95B7F169516D7ADE21F7B3CF9C079327
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0908030887665585&output=html&h=600&slotname=0303354662&adk=1687073823&adf=3350072415&pi=t.ma~as.0303354662&w=209&fwrn=4&fwrnh=100&lmt=1613164354&rafmt=1&psa=0&format=209x600&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1613164354534&bpp=14&bdt=719&idt=98&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7314540102252&frm=20&pv=2&ga_vid=333235850.1613164355&ga_sid=1613164355&ga_hid=1947907215&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1177&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736524%2C21066430%2C21068769%2C21068893%2C21069109&oid=3&pvsid=1347793332310018&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PhwHnlXxEZ&p=https%3A//secure.whatsthatcharge.com&dtd=120
Frame ID: F89DC4CBBFED61B4EC3C5B075CD5D01A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0908030887665585&output=html&adk=1812271804&adf=3025194257&lmt=1613164354&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1613164354548&bpp=2&bdt=733&idt=117&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=209x600&nras=1&correlator=7314540102252&frm=20&pv=1&ga_vid=333235850.1613164355&ga_sid=1613164355&ga_hid=1947907215&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736524%2C21066430%2C21068769%2C21068893%2C21069109&oid=3&pvsid=1347793332310018&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=121
Frame ID: 7A585A2A139B020F14B35E34858D90C7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 7A6D92D5A8769D968E1B738FEFE12A42
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

36
Requests

100 %
HTTPS

60 %
IPv6

10
Domains

12
Subdomains

10
IPs

2
Countries

454 kB
Transfer

1259 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
secure.whatsthatcharge.com/ 		19 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.whatsthatcharge.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.154.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-154-11.compute-1.amazonaws.com
Software
thin /
Resource Hash
051eb0effb161dc1b6cadf77db6c468d0791d37df42cbb29fb8f895ea2da5378
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
secure.whatsthatcharge.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 21:12:33 GMT
Connection
close
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
Referrer-Policy
strict-origin-when-cross-origin
Content-Type
text/html; charset=utf-8
Etag
W/"051eb0effb161dc1b6cadf77db6c468d"
Cache-Control
max-age=0, private, must-revalidate
Set-Cookie
_WhatsThatCharge_session=dUtld3o3cU54YzNRMFNpOXZDejlLS25yTVRsblhiVDdVS0NzRENmUXkveU1rRTR2WW9seTlUVEljejRweHBLZXdrMVFrMVNjTFRiRG1tNzFhNG4xa0FRRGxDRzkzckluNW5XdmVyc2Z5dCtyODBEWnN0cEE2SWFPRlVNOS9HME5XS3QyeDRTaUR2WE01ek8rZjBqYUpuSmhTcXF0ZlBFVExnSkRDdm51REl0R2xia3hyK2hXSlc3UE5Ba0pCVFZvLS1ESktJdENGSnlvdFdtL1V1ckhROEx3PT0%3D--dfad9d663e7ce69d3da7bce034b0c28fdc848688; path=/; secure; HttpOnly
X-Request-Id
e2410e06-fb01-495d-9df4-4761038e5f66
X-Runtime
0.049569
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
Content-Encoding
gzip
Server
thin
Via
1.1 vegur
css3-mediaqueries-e6f609aee3dac6fe793c2df198e012df07e182bf996cc365c834d8d83825941b.js
secure.whatsthatcharge.com/assets/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.whatsthatcharge.com/assets/css3-mediaqueries-e6f609aee3dac6fe793c2df198e012df07e182bf996cc365c834d8d83825941b.js
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.154.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-154-11.compute-1.amazonaws.com
Software
thin /
Resource Hash
af6ddb33b04df002ef9a9e9f65ea9494469353953fc02cf16cfdfc7838ede869
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 21:12:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jan 2021 12:24:06 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 vegur
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
5037
application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
secure.whatsthatcharge.com/assets/ 		146 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.154.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-154-11.compute-1.amazonaws.com
Software
thin /
Resource Hash
5dab2b018dc3eb1a7f0fd91b664682509390ca953f4f63ca4b3d9013616aa761
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 21:12:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jan 2021 12:24:06 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 vegur
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
25268
application-bab322ec5ac1c368b265ac833389fa5d640573259b40b4b2e5310c231214ce90.js
secure.whatsthatcharge.com/assets/ 		384 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.whatsthatcharge.com/assets/application-bab322ec5ac1c368b265ac833389fa5d640573259b40b4b2e5310c231214ce90.js
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.154.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-154-11.compute-1.amazonaws.com
Software
thin /
Resource Hash
2e0a6dad7dab750f88e76086b169c956a0087a8858d55197bc857ed9873a315d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 21:12:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jan 2021 12:24:06 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 vegur
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
113466
logo.en.png
secure.whatsthatcharge.com/assets/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.whatsthatcharge.com/assets/logo.en.png
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.154.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-154-11.compute-1.amazonaws.com
Software
thin /
Resource Hash
bce52636c950ed185642a56bf86230b16f226fafba9a62189a7402a479f65334
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 21:12:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jan 2021 12:24:06 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
image/png
Via
1.1 vegur
Connection
close
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-top.png
secure.whatsthatcharge.com/assets/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.whatsthatcharge.com/assets/content-top.png
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.154.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-154-11.compute-1.amazonaws.com
Software
thin /
Resource Hash
3c6a08f2c1fb01fe037ab9f85551e96be46c1206a2cf776174690773621d7e0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 21:12:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jan 2021 12:24:06 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
image/png
Via
1.1 vegur
Connection
close
Strict-Transport-Security
max-age=31536000; includeSubDomains
globe.png
secure.whatsthatcharge.com/assets/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.whatsthatcharge.com/assets/globe.png
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.154.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-154-11.compute-1.amazonaws.com
Software
thin /
Resource Hash
09da582b3b428a285ad19e62d5e6a28250f2ca784f0d970062e22a64769efc0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 21:12:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jan 2021 12:24:06 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
image/png
Via
1.1 vegur
Connection
close
Strict-Transport-Security
max-age=31536000; includeSubDomains
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		135 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab42ff31d07c36ec69c448d804ee5b0204822d8ae24c49a00b0c5fe117467e61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Feb 2021 21:12:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
48410
x-xss-protection
0
server
cafe
etag
10670273244432943938
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 12 Feb 2021 21:12:34 GMT
content-btm-shadow.png
secure.whatsthatcharge.com/assets/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.whatsthatcharge.com/assets/content-btm-shadow.png
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.154.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-154-11.compute-1.amazonaws.com
Software
thin /
Resource Hash
8a5e5884b22897a302f58e6c646b83ce28ad7424354eb016eae2c9db92ba85b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 21:12:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jan 2021 12:24:06 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
image/png
Via
1.1 vegur
Connection
close
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-bg.jpg
secure.whatsthatcharge.com/assets/ 		323 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.whatsthatcharge.com/assets/content-bg.jpg
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.154.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-154-11.compute-1.amazonaws.com
Software
thin /
Resource Hash
60eddd1a150db3e4be1c3e60b92fb5a0695f7f92cfd369ca13795d46836819ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 21:12:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jan 2021 12:24:06 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
image/jpeg
Via
1.1 vegur
Connection
close
Strict-Transport-Security
max-age=31536000; includeSubDomains
header-repeat.jpg
secure.whatsthatcharge.com/assets/ 		536 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.whatsthatcharge.com/assets/header-repeat.jpg
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.154.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-154-11.compute-1.amazonaws.com
Software
thin /
Resource Hash
f6fab96005f5f6817b6426c196c75a2378dc954dca1b596d96d22d8a3943cbf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 21:12:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jan 2021 12:24:06 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
image/jpeg
Via
1.1 vegur
Connection
close
Strict-Transport-Security
max-age=31536000; includeSubDomains
header-bg.jpg
secure.whatsthatcharge.com/assets/ 		52 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.whatsthatcharge.com/assets/header-bg.jpg
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.154.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-154-11.compute-1.amazonaws.com
Software
thin /
Resource Hash
8de6476905ab95aa152b819762f1a2a1e3b91c0909d7476581428f5db25b86fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 21:12:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jan 2021 12:24:06 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
image/jpeg
Via
1.1 vegur
Connection
close
Strict-Transport-Security
max-age=31536000; includeSubDomains
header-seperator.jpg
secure.whatsthatcharge.com/assets/ 		368 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.whatsthatcharge.com/assets/header-seperator.jpg
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.154.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-154-11.compute-1.amazonaws.com
Software
thin /
Resource Hash
e0ce2a53aea3cc7fcb4ef50990199f89d13a209ec5fcbd9639d09902694db867
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 21:12:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jan 2021 12:24:06 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
image/jpeg
Via
1.1 vegur
Connection
close
Strict-Transport-Security
max-age=31536000; includeSubDomains
search-bg.png
secure.whatsthatcharge.com/assets/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.whatsthatcharge.com/assets/search-bg.png
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.154.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-154-11.compute-1.amazonaws.com
Software
thin /
Resource Hash
e526a99f44195ef6627a86dbfab7a939d8399d3d175c940a5b703fe1364a7bae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 21:12:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jan 2021 12:24:06 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
image/png
Via
1.1 vegur
Connection
close
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-mid.png
secure.whatsthatcharge.com/assets/ 		1 KB
998 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.whatsthatcharge.com/assets/content-mid.png
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.154.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-154-11.compute-1.amazonaws.com
Software
thin /
Resource Hash
f1f71f02d894708786a2d03b71b719d7983f45333226a0d2fa62659c9642dc05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 21:12:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jan 2021 12:24:06 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
image/png
Via
1.1 vegur
Connection
close
Strict-Transport-Security
max-age=31536000; includeSubDomains
btm-bullet.jpg
secure.whatsthatcharge.com/assets/ 		532 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.whatsthatcharge.com/assets/btm-bullet.jpg
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.154.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-154-11.compute-1.amazonaws.com
Software
thin /
Resource Hash
20c762b21188b039d3d29d0b762778c655034b7453ea1546b370ca35e7c07ac4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 21:12:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jan 2021 12:24:06 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
image/jpeg
Via
1.1 vegur
Connection
close
Strict-Transport-Security
max-age=31536000; includeSubDomains
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
6447
date
Fri, 12 Feb 2021 19:25:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Fri, 12 Feb 2021 21:25:07 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
3838
date
Fri, 12 Feb 2021 20:08:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Fri, 12 Feb 2021 22:08:36 GMT
collect
www.google-analytics.com/j/ 		2 B
75 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1947907215&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&ul=en-us&de=UTF-8&dt=What%27s%20That%20Charge%3F!%20Identify%20those%20mysterious%20charges%20on%20your%20credit%20card%20statement&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1191480378&gjid=1949932941&cid=333235850.1613164355&tid=UA-39377463-1&_gid=538184053.1613164355&_r=1&_slc=1&z=658053828
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Feb 2021 21:12:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.whatsthatcharge.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/ 		226 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
094eb70f761bc25fd6594b69e51efffc9b5430cfaad125f2e82bfd4009895f43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Feb 2021 21:12:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
86814
x-xss-protection
0
server
cafe
etag
8889400180175641948
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Feb 2021 21:12:34 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/ Frame 95B7 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210208/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.whatsthatcharge.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://secure.whatsthatcharge.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 12 Feb 2021 06:00:57 GMT
expires
Fri, 26 Feb 2021 06:00:57 GMT
content-type
text/html; charset=UTF-8
etag
6440208225989294717
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4777
x-xss-protection
0
age
54697
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
__utm.gif
ssl.google-analytics.com/r/ 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=229170067&utmhn=secure.whatsthatcharge.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=What%27s%20That%20Charge%3F!%20Identify%20those%20mysterious%20charges%20on%20your%20credit%20card%20statement&utmhid=1947907215&utmr=-&utmp=%2F&utmht=1613164354559&utmac=UA-39377463-2&utmcc=__utma%3D29181118.333235850.1613164355.1613164355.1613164355.1%3B%2B__utmz%3D29181118.1613164355.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2127711926&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Feb 2021 21:12:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		209 B
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=secure.whatsthatcharge.com&callback=_gfp_s_&client=ca-pub-0908030887665585
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
d8326814555634e1e13b6d241e42d08ca7917d63e95e50717960e7f67681b616
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Feb 2021 21:12:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
199
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		109 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=secure.whatsthatcharge.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Feb 2021 21:12:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=secure.whatsthatcharge.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Feb 2021 21:12:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F89D 		405 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0908030887665585&output=html&h=600&slotname=0303354662&adk=1687073823&adf=3350072415&pi=t.ma~as.0303354662&w=209&fwrn=4&fwrnh=100&lmt=1613164354&rafmt=1&psa=0&format=209x600&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1613164354534&bpp=14&bdt=719&idt=98&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7314540102252&frm=20&pv=2&ga_vid=333235850.1613164355&ga_sid=1613164355&ga_hid=1947907215&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1177&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736524%2C21066430%2C21068769%2C21068893%2C21069109&oid=3&pvsid=1347793332310018&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PhwHnlXxEZ&p=https%3A//secure.whatsthatcharge.com&dtd=120
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d07f16f0862f5c8ae7491462b272dd7a4461401af27c4602efa085814127365
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0908030887665585&output=html&h=600&slotname=0303354662&adk=1687073823&adf=3350072415&pi=t.ma~as.0303354662&w=209&fwrn=4&fwrnh=100&lmt=1613164354&rafmt=1&psa=0&format=209x600&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1613164354534&bpp=14&bdt=719&idt=98&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7314540102252&frm=20&pv=2&ga_vid=333235850.1613164355&ga_sid=1613164355&ga_hid=1947907215&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1177&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736524%2C21066430%2C21068769%2C21068893%2C21069109&oid=3&pvsid=1347793332310018&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PhwHnlXxEZ&p=https%3A//secure.whatsthatcharge.com&dtd=120
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.whatsthatcharge.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://secure.whatsthatcharge.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 12 Feb 2021 21:12:34 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 12-Feb-2021 21:27:34 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Fri, 12 Feb 2021 21:12:34 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Feb 2021 21:12:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1612960672666234"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28344
x-xss-protection
0
expires
Fri, 12 Feb 2021 21:12:34 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 7A58 		0
142 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0908030887665585&output=html&adk=1812271804&adf=3025194257&lmt=1613164354&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1613164354548&bpp=2&bdt=733&idt=117&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=209x600&nras=1&correlator=7314540102252&frm=20&pv=1&ga_vid=333235850.1613164355&ga_sid=1613164355&ga_hid=1947907215&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736524%2C21066430%2C21068769%2C21068893%2C21069109&oid=3&pvsid=1347793332310018&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=121
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-0908030887665585&output=html&adk=1812271804&adf=3025194257&lmt=1613164354&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1613164354548&bpp=2&bdt=733&idt=117&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=209x600&nras=1&correlator=7314540102252&frm=20&pv=1&ga_vid=333235850.1613164355&ga_sid=1613164355&ga_hid=1947907215&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736524%2C21066430%2C21068769%2C21068893%2C21069109&oid=3&pvsid=1347793332310018&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=121
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.whatsthatcharge.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://secure.whatsthatcharge.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 12 Feb 2021 21:12:34 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 12-Feb-2021 21:27:34 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Fri, 12 Feb 2021 21:12:34 GMT
cache-control
private
nr-1198.min.js
js-agent.newrelic.com/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1198.min.js
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39893061747f88b837a34d0395d05fca83e7cd5bbf2d582d181a73c5c9a174c6

Request headers

Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Feb 2021 21:12:35 GMT
content-encoding
gzip
x-amz-request-id
8FBF058EA70ADB98
x-cache
HIT
content-length
10682
x-amz-id-2
dCyln7OIf+i76Bn+clBUl8tM3pNPIGXfyNRvPHz5ZLwhdSBkIMjzducUvcecQ4BFCTB8K4VSAVo=
x-served-by
cache-fra19138-FRA
last-modified
Fri, 29 Jan 2021 19:19:08 GMT
server
AmazonS3
x-timer
S1613164355.264568,VS0,VE0
etag
"59c98195ba35e0b45cbe2e5beebd1ac8"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
15560
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210208&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6babd8a44fc1dd5d6514bd0de79229c075dff907db06188d9af79394e6048be5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Feb 2021 21:12:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6449
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Feb 2021 21:12:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Fri, 12 Feb 2021 21:12:35 GMT
8a15b6e7db
bam.nr-data.net/1/ 		57 B
274 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/8a15b6e7db?a=3952448&v=1198.fe6ec20&to=Il5cQUFWVF9URU5aXAxUHVxdXV1L&rst=1866&ck=1&ref=https://secure.whatsthatcharge.com/&qt=3&ap=49&be=403&fe=1787&dc=1079&perf=%7B%22timing%22:%7B%22of%22:1613164353418,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:15,%22c%22:15,%22s%22:28,%22ce%22:235,%22rq%22:235,%22rp%22:394,%22rpe%22:396,%22dl%22:397,%22di%22:1079,%22ds%22:1079,%22de%22:1083,%22dc%22:1787,%22l%22:1787,%22le%22:1789%7D,%22navigation%22:%7B%7D%7D&fp=1118&fcp=1118&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1198.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 7A6D 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.whatsthatcharge.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://secure.whatsthatcharge.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Fri, 12 Feb 2021 20:40:12 GMT
expires
Sat, 12 Feb 2022 20:40:12 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1943
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js
pagead2.googlesyndication.com/bg/ Frame 7A6D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4acf839bb2b547c63c6416cea07b2d3febb32692996a5d35ac70a14ad6967265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Feb 2021 13:33:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 03 Feb 2021 00:15:00 GMT
server
sffe
age
27517
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6290
x-xss-protection
0
expires
Sat, 12 Feb 2022 13:33:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
73 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210208&jk=1347793332310018&bg=!RUalRgXNAAWP4B5EjzsAKQB2-Dxaq7H9sixOR-5OOU7l34io1UINggqSp_5eB6NEMXmO0m25oEiCAgAAAEhSAAAAEGgBBwoA88iBjt61kk5rPomcBhL8Em7kBQ8ho6PNDrw0-6BHF6b-rW6_-BAOEyaWzY9vm7LZACULWGucaD1fCfLB2JAXBGGRfLgnzfiUJ5UFrgvujSkvrEOhp981pGZHVhjrhdaYsn2hRwFXmqZS5RAjztlxJaJNiljQVqwyHWw7tRBXCiSL9bNz4N8WzPNYNFVuvWOWKGLJB4kOAw7iA4k41pIXC2CgxrzKJkeRxlT4vkQdy9NwfRinjTyZmvuRw0TqKWA6OL9HkNzrJp6gPcfvC3PYm_gwu5X5ZIYNcXiUO7X9fuANzBo1nWbHoVf1J2vO_TjSACqcV5kB4TBKKcnbyEa2GdvRro4F0j3shX7Xh760mmaLYzVlBoIA5HtrBUuMaq1E0K5iOl8FAM7pHnYIYkkfWIOdgSNsj2FzTfGwOooppjqdj8Vcjgfh_WsvC3CJuet1u2T6zrBJfvpMqHbiPaR2f8AKpOFgRHd7F1EOlQ8HaPQok-jXOb5fKa4o0rucmpOv4gJvB-vH3gXWtQDp0gqGu-NNhJ4S6YNMxemXmY3ZwPwDczVR5NX_92PGGmwIQHl2Hi5fmWkIsPHYR5pIoRkBZ82VR88E2F_s4JT86-mlKvtVBl9xrHMbL8QVl_jQ-ofeJZi0lRpdg3TKGjkkqzfj_GAyHxLj0YIOlU7y0Wt7oNyq2VcDcW-92v_lSROXWCxKPDa0CyIB9b7ihmLjsg-LOW8N1ZElDKhtXrZcfdJlU_GWLoA3Bi9gsDOnBSLRILhJO7TB94BtN2VsbRVqk8mrOoKddepuv4Bpq43YkqQBkSzKjep8i7MI5zEcFvoIjRMa-X6STcZACoLQpJ95uznvJfrzIbrXmC-T8gLAU5hU-qcUKwzYJhcuoibq8BGdwbtSdAdDmNP9NeS7CQKBBn3Rt2S6NWlu9DWWsSl9s_sQ-CYxiFUtFOxjGedCrGAo2VD4CRpyGHsxSOA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Feb 2021 21:12:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8a15b6e7db
bam.nr-data.net/events/1/ 		24 B
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/8a15b6e7db?a=3952448&v=1198.fe6ec20&to=Il5cQUFWVF9URU5aXAxUHVxdXV1L&rst=11866&ck=1&ref=https://secure.whatsthatcharge.com/
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1198.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://secure.whatsthatcharge.com
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require object| ua function| domReady object| cssHelper function| Init function| SortAndRemoveDuplicates function| MakeUppercase function| NewPostSubmitted function| getParameterByName function| updateReportBody function| $ function| jQuery object| jQuery112406813781428283574 object| adsbygoogle string| GoogleAnalyticsObject function| ga object| _gaq function| trackOutboundLink object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| _gat function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

11 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.whatsthatcharge.com/ Name: __gads
Value: ID=b502344ef7c08b2c-22ddd5bf70ba0086:T=1613164354:RT=1613164354:S=ALNI_MYJyJT6K8aDbsuhyBmmZSOTkpQMqQ
.secure.whatsthatcharge.com/ Name: __utmb
Value: 29181118.1.10.1613164355
.secure.whatsthatcharge.com/ Name: __utmt
Value: 1
.secure.whatsthatcharge.com/ Name: __utmc
Value: 29181118
.secure.whatsthatcharge.com/ Name: __utmz
Value: 29181118.1613164355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.whatsthatcharge.com/ Name: _ga
Value: GA1.2.333235850.1613164355
.whatsthatcharge.com/ Name: _gid
Value: GA1.2.538184053.1613164355
.secure.whatsthatcharge.com/ Name: __utma
Value: 29181118.333235850.1613164355.1613164355.1613164355.1
.whatsthatcharge.com/ Name: _gat
Value: 1
secure.whatsthatcharge.com/ Name: _WhatsThatCharge_session
Value: dUtld3o3cU54YzNRMFNpOXZDejlLS25yTVRsblhiVDdVS0NzRENmUXkveU1rRTR2WW9seTlUVEljejRweHBLZXdrMVFrMVNjTFRiRG1tNzFhNG4xa0FRRGxDRzkzckluNW5XdmVyc2Z5dCtyODBEWnN0cEE2SWFPRlVNOS9HME5XS3QyeDRTaUR2WE01ek8rZjBqYUpuSmhTcXF0ZlBFVExnSkRDdm51REl0R2xia3hyK2hXSlc3UE5Ba0pCVFZvLS1ESktJdENGSnlvdFdtL1V1ckhROEx3PT0%3D--dfad9d663e7ce69d3da7bce034b0c28fdc848688

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bam.nr-data.net
googleads.g.doubleclick.net
js-agent.newrelic.com
pagead2.googlesyndication.com
partner.googleadservices.com
secure.whatsthatcharge.com
ssl.google-analytics.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagservices.com
142.250.186.66
151.101.14.110
162.247.242.21
2a00:1450:4001:800::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:812::200e
2a00:1450:4001:827::2008
34.196.154.11
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
051eb0effb161dc1b6cadf77db6c468d0791d37df42cbb29fb8f895ea2da5378
094eb70f761bc25fd6594b69e51efffc9b5430cfaad125f2e82bfd4009895f43
09da582b3b428a285ad19e62d5e6a28250f2ca784f0d970062e22a64769efc0a
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
20c762b21188b039d3d29d0b762778c655034b7453ea1546b370ca35e7c07ac4
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
2e0a6dad7dab750f88e76086b169c956a0087a8858d55197bc857ed9873a315d
39893061747f88b837a34d0395d05fca83e7cd5bbf2d582d181a73c5c9a174c6
3c6a08f2c1fb01fe037ab9f85551e96be46c1206a2cf776174690773621d7e0c
3d07f16f0862f5c8ae7491462b272dd7a4461401af27c4602efa085814127365
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4acf839bb2b547c63c6416cea07b2d3febb32692996a5d35ac70a14ad6967265
5dab2b018dc3eb1a7f0fd91b664682509390ca953f4f63ca4b3d9013616aa761
60eddd1a150db3e4be1c3e60b92fb5a0695f7f92cfd369ca13795d46836819ab
6babd8a44fc1dd5d6514bd0de79229c075dff907db06188d9af79394e6048be5
80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a5e5884b22897a302f58e6c646b83ce28ad7424354eb016eae2c9db92ba85b1
8de6476905ab95aa152b819762f1a2a1e3b91c0909d7476581428f5db25b86fd
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
ab42ff31d07c36ec69c448d804ee5b0204822d8ae24c49a00b0c5fe117467e61
af6ddb33b04df002ef9a9e9f65ea9494469353953fc02cf16cfdfc7838ede869
bce52636c950ed185642a56bf86230b16f226fafba9a62189a7402a479f65334
d8326814555634e1e13b6d241e42d08ca7917d63e95e50717960e7f67681b616
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
e0ce2a53aea3cc7fcb4ef50990199f89d13a209ec5fcbd9639d09902694db867
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e526a99f44195ef6627a86dbfab7a939d8399d3d175c940a5b703fe1364a7bae
f1f71f02d894708786a2d03b71b719d7983f45333226a0d2fa62659c9642dc05
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f6fab96005f5f6817b6426c196c75a2378dc954dca1b596d96d22d8a3943cbf6