server.duinocoin.com Open in urlscan Pro
51.15.127.80 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://server.duinocoin.com/webminer.html?username=oneptp&threads=8&rigid=oneptp2
Submission: On September 30 via api (September 30th 2023, 8:07:05 pm UTC) from LU — Scanned from FR

Summary HTTP 78 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 78 HTTP transactions. The main IP is 51.15.127.80, located in France and belongs to Online SAS, FR. The main domain is server.duinocoin.com.
TLS certificate: Issued by R3 on September 20th 2023. Valid for: 3 months.

This is the only time server.duinocoin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	51.15.127.80 51.15.127.80	12876 (Online SAS) (Online SAS)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:50c0:800... 2606:50c0:8000::153	54113 (FASTLY) (FASTLY)
14	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4 4	140.82.121.3 140.82.121.3	36459 (GITHUB) (GITHUB)
2	2606:50c0:800... 2606:50c0:8002::154	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2 14	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1 17	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
78	13

9 51.15.127.80 (France)

ASN12876 (Online SAS, FR)
PTR: 80-127-15-51.instances.scw.cloud

server.duinocoin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8000::153 (United States)

ASN54113 (FASTLY, US)

bernii.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 140.82.121.3 (Frankfurt am Main, Germany) 4 redirects

ASN36459 (GITHUB, US)
PTR: lb-140-82-121-3-fra.github.com

github.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:50c0:8002::154 (United States)

ASN54113 (FASTLY, US)

raw.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	452 KB
14	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	115 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	218 KB
9	duinocoin.com server.duinocoin.com	610 KB
5	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368 www.googleadservices.com — Cisco Umbrella Rank: 178	605 B
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	2 KB
4	github.com 4 redirects github.com — Cisco Umbrella Rank: 2696	13 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	171 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 11	1 KB
2	githubusercontent.com raw.githubusercontent.com — Cisco Umbrella Rank: 3717	434 KB
1	github.io bernii.github.io	5 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 410	56 KB
78	12

	Domain	Requested by
17	tpc.googlesyndication.com	1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
14	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
11	pagead2.googlesyndication.com	server.duinocoin.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
9	server.duinocoin.com	server.duinocoin.com cdnjs.cloudflare.com
7	www.gstatic.com	googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	server.duinocoin.com googleads.g.doubleclick.net
4	www.googleadservices.com
4	github.com	4 redirects
3	www.googletagservices.com	googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
2	raw.githubusercontent.com	server.duinocoin.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	bernii.github.io	server.duinocoin.com
1	cdnjs.cloudflare.com	server.duinocoin.com
78	15

This site contains links to these domains. Also see Links.

Domain
github.com
wallet.duinocoin.com

Subject Issuer	Validity	Valid
server.duinocoin.com R3	`2023-09-20` - `2023-12-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://server.duinocoin.com/webminer.html?username=oneptp&threads=8&rigid=oneptp2
Frame ID: 1EA391094498EEC203964C9626AAC8EC
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html
Frame ID: 8B0A9F305F4283BCAA6E968CC55612DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4670059148424169&output=html&h=280&slotname=4687652378&adk=2304077946&adf=1438075936&pi=t.ma~as.4687652378&w=1200&fwrn=4&fwrnh=100&lmt=1695225123&rafmt=1&format=1200x280&url=https%3A%2F%2Fserver.duinocoin.com%2Fwebminer.html%3Fusername%3Doneptp%26threads%3D8%26rigid%3Doneptp2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696104421826&bpp=4&bdt=1352&idt=193&shv=r20230927&mjsv=m202309270101&ptt=9&saldr=aa&abxe=1&correlator=5040841141774&frm=20&pv=2&ga_vid=177028195.1696104422&ga_sid=1696104422&ga_hid=1351765303&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=148&ady=190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44803492%2C44759876%2C44759927%2C31077328%2C31078142%2C31078201%2C31078273&oid=2&pvsid=426918245225925&tmod=1523705682&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=34VPSoPerq&p=https%3A//server.duinocoin.com&dtd=207
Frame ID: 70854E8EDD12AE9EB5D9F51595FDF4B9
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4670059148424169&output=html&adk=1812271804&adf=3025194257&lmt=1695225123&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x540_r&format=0x0&url=https%3A%2F%2Fserver.duinocoin.com%2Fwebminer.html%3Fusername%3Doneptp%26threads%3D8%26rigid%3Doneptp2&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696104421831&bpp=2&bdt=1358&idt=211&shv=r20230927&mjsv=m202309270101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=5040841141774&frm=20&pv=1&ga_vid=177028195.1696104422&ga_sid=1696104422&ga_hid=1351765303&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44803492%2C44759876%2C44759927%2C31077328%2C31078142%2C31078201%2C31078273&oid=2&pvsid=426918245225925&tmod=1523705682&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=223
Frame ID: 0680B645DDBFCC92F3F4D080D079A3AD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B989863373B6330422AE1870A261A7A6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A7E236B42C79830746724B330E152558
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6D958F99317D1435405FC1C79D518442
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1E23AB81DC9ED8B28332D0ECC073F83C
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap
Frame ID: 25F0055CA6135963697679BA71B764BF
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8C225E0E03B261C8886828870A7AE700
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 49B299D838FF1771E11303FA94B99DD3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js
Frame ID: B0DCB3B4FB3D9DE5B4A95B6E645C91A4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js
Frame ID: 96DA741A1DBF2D989E7614456AB03F88
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Official Duino-Coin web miner

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

78
Requests

94 %
HTTPS

79 %
IPv6

12
Domains

15
Subdomains

13
IPs

3
Countries

2064 kB
Transfer

5157 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/revoxhere/duco-webservices
Title: GitHub

Search URL Search Domain Scan URL

URL: https://wallet.duinocoin.com/
Title: Duino-Coin Web Wallet

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://github.com/revoxhere/duino-coin/blob/master/Resources/NewWebMiner.png?raw=true HTTP 302
https://github.com/revoxhere/duino-coin/raw/master/Resources/NewWebMiner.png HTTP 302
https://raw.githubusercontent.com/revoxhere/duino-coin/master/Resources/NewWebMiner.png

Request Chain 7

https://github.com/revoxhere/duino-coin/blob/master/Resources/duco.png?raw=true HTTP 302
https://github.com/revoxhere/duino-coin/raw/master/Resources/duco.png HTTP 302
https://raw.githubusercontent.com/revoxhere/duino-coin/master/Resources/duco.png

Request Chain 35

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCXzsKnvgEQsAkYsAkyCKj2P7RUXgo1 HTTP 301
https://tpc.googlesyndication.com/simgad/12091630847913838834

Request Chain 38

https://googleads.g.doubleclick.net/pagead/adview?ai=CGXRX5n8YZaiHBYamYavnr4AE_vCszXDt24H6ghHPsNeXjw4QASCMvaSHAWD74YWDnAqgAfzR3uMDyAEGqQLmTlI5GL2xPqgDAcgDAqoEnQJP0Dct15Wi_9NrQAFOUFC3dQ8Jmmu_LTpcPuvdceOFpC7VcjtDFxlCqVnelWLTWrz9jkY2phtyi3wOKqy7WRUyuL1Qqgtg72A1amyPpOL2IbXp4MKwuIwB4hGEOVphsduP_7VI6GRbrG1vBg7m3fkS9yZf5EaY_QbPX2rbi-P677Z6R3n60unpk6tNBKuHIuIFv-wTRzJ83QLC_Fl8LTPlqO8lDcCvy2I4FitBG1a57E4YZL5Ms0odK9E83ljpefJEfGXpUVmtWLTBLQb_xcJWrx4uMeCCF_NDnsNakYW1wxBfb7AKwQzgzxo2ROlbatN4HibX_XFjuNqIaKwveM32yUmkN_G-kiTuUGM4rqH9PxfoYxn_cYVfkAAGr3zABOvv3IiSBIgFrNmf_ESSBQQIBBgBkgUECAUYBKAGN4AHicKXggGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwHyBwMQw2vSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkgaHR0cHM6Ly93d3cuY2FyamV0LmNvbS9pbmRleC5odG2ACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItNDY3MDA1OTE0ODQyNDE2ORgA&sigh=IACRM8S2RMo&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwDICaaNFUnIFox9Wx_suAPQM5UK-Ah1Ew_OGhgB&template_id=493&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225101042953677785065%22,%22debug_reporting%22:true,%22destination%22:%22https://carjet.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221014475004%22],%224%22:[%2209-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215882047408938529569%22}&andc=true

Request Chain 69

https://googleads.g.doubleclick.net/pagead/adview?ai=CL9Cn5n8YZbfgDeCW29gPyISymAGs14PocaqFm8zeEemymJWODhABIIy9pIcBYPvhhYOcCqABlvbA3yjIAQGpAtP0-Vlzl6U-qAMByAPDBKoEpwJP0OWuhCWrLymxdrs_cWf5PxPSWi83tpSUa9Egn18QgQO6c_IR8aPWQ8eNVap8B4Y4uoqxHW031x-iRdJuW2dN7Bg4OJPUputdFVX51MmXTKHnKeg3xbQK-7Q2qrzJHmBu9jl0-jQzBltJCioq8rPKbtJD7JWayISY0Kve8MVpNHoqAh7cg_IoJRqYVNYZ0VEJb7CMyVvtH9KzoMMAXQLtwRiAf4aGNGunpjw-KrEYjQewsrZ4j_rTXuJ8JLgQKJBChcvbxpVUDXRzUcUVcBUGgjQ_l6_iYxkGNGzFFKp9owzo5tjwF_eeblIFI04riGz2H6lcrJH9tf3HOo9X4PKa2NVO3z0ZyPT74oO_IofEHVl9baR2ugziZaNbNtvg5Gw0NCi-ekhzwATwwoGFzgSIBbWW7_pLkgUECAQYAZIFBAgFGASgBmaAB5aukb8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQuGHSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkmaHR0cHM6Ly93d3cuaGFuY29ja3Byb3NwZWN0aW5nLmNvbS5hdS-ACgHICwHYEw2IFALQFQGYFgGAFwGyFxwKGggAEhRwdWItNDY3MDA1OTE0ODQyNDE2ORgA&sigh=sJ4t3WtyqFs&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwDICaaNxLC0VW-EATPTA8mK7p2djhEiQfzrYBgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210100555799844935818%22,%22debug_reporting%22:true,%22destination%22:%22https://hancockprospecting.com.au%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210937711382%22],%224%22:[%2209-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210115178099048949569%22}&andc=true

Request Chain 70

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 72

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

78 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request webminer.html Show response
server.duinocoin.com/ 25 KB
7 KB 91ms
22ms Document
text/html 51.15.127.80
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://server.duinocoin.com/webminer.html?username=oneptp&threads=8&rigid=oneptp2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.15.127.80 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 80-127-15-51.instances.scw.cloud
Software: nginx /
Resource Hash: b785a3380ca593a30ad5f18dee26a7fe76ceaa5a86b7bb1ee1b74cb445b5935b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D
accept-language: fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 30 Sep 2023 20:07:00 GMT
ETag: W/"650b3143-63cd"
Last-Modified: Wed, 20 Sep 2023 17:52:03 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
OK mystyles.css
server.duinocoin.com/assets/ 463 KB
67 KB 27ms
26ms Stylesheet
text/css 51.15.127.80
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://server.duinocoin.com/assets/mystyles.css
Requested by: Host: server.duinocoin.com
URL: https://server.duinocoin.com/webminer.html?username=oneptp&threads=8&rigid=oneptp2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.15.127.80 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 80-127-15-51.instances.scw.cloud
Software: nginx /
Resource Hash: 6bb4bcc80c2f20765c65cc3090d2eabfb71bed2d687b2e0e0456fbb7bca5d255

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://server.duinocoin.com/webminer.html?username=oneptp&threads=8&rigid=oneptp2
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

Date: Sat, 30 Sep 2023 20:07:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Sep 2023 17:52:04 GMT
Server: nginx
ETag: W/"650b3144-73c08"
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H/1.1 200
OK fontawesome.js Show response
server.duinocoin.com/assets/js/ 1 MB
469 KB 96ms
45ms Script
application/javascript 51.15.127.80
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://server.duinocoin.com/assets/js/fontawesome.js
Requested by: Host: server.duinocoin.com
URL: https://server.duinocoin.com/webminer.html?username=oneptp&threads=8&rigid=oneptp2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.15.127.80 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 80-127-15-51.instances.scw.cloud
Software: nginx /
Resource Hash: 30081cca00d16a1b3e17f364e55cf7f3bc210789122bd357943377c39f0b2ead

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://server.duinocoin.com/webminer.html?username=oneptp&threads=8&rigid=oneptp2
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

Date: Sat, 30 Sep 2023 20:07:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Sep 2023 17:52:04 GMT
Server: nginx
ETag: W/"650b3144-11843d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H/1.1 200
OK jquery.min.js Show response
server.duinocoin.com/assets/js/ 87 KB
36 KB 97ms
47ms Script
application/javascript 51.15.127.80
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://server.duinocoin.com/assets/js/jquery.min.js
Requested by: Host: server.duinocoin.com
URL: https://server.duinocoin.com/webminer.html?username=oneptp&threads=8&rigid=oneptp2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.15.127.80 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 80-127-15-51.instances.scw.cloud
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://server.duinocoin.com/webminer.html?username=oneptp&threads=8&rigid=oneptp2
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

Date: Sat, 30 Sep 2023 20:07:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Sep 2023 17:52:04 GMT
Server: nginx
ETag: W/"650b3144-15d84"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H2 200 lottie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bodymovin/5.8.1/ 265 KB
56 KB 77ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bodymovin/5.8.1/lottie.min.js

Requested by

Host: server.duinocoin.com
URL: https://server.duinocoin.com/webminer.html?username=oneptp&threads=8&rigid=oneptp2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04c2c26190e5e8fa09172b34612ad0bece7c93e0727b18f3d3b3f283f598e963

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://server.duinocoin.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 20:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1482279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 56900
last-modified: Tue, 09 Nov 2021 16:36:43 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "618aa39b-de44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NgBKQ3fIBn3dcFjB5yifCQlUyiS80iNkEqSHNOCJ8cIi6Z%2B%2F1k9ypsh0B5KjzH7ieslGqkky9Q2tO8h0XSh9tbASsdu1nwSIKD6XGvEyaj7ryrlQDAAq5towCdpWe%2BMMnYTqgTet0ofKYTaA2lU6zzE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80ef16f45830214f-CDG
expires: Thu, 19 Sep 2024 20:07:00 GMT

GET
H2 200 gauge.min.js Show response
bernii.github.io/gauge.js/dist/ 18 KB
5 KB 80ms
29ms Script
application/javascript 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bernii.github.io/gauge.js/dist/gauge.min.js
Requested by: Host: server.duinocoin.com
URL: https://server.duinocoin.com/webminer.html?username=oneptp&threads=8&rigid=oneptp2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 1c7d701d8da3e2c05fb44d8c4a13c13fae937d6d7cfc3df17ead6798819bc5b2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://server.duinocoin.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

x-fastly-request-id: c93ccd0c52e91531a94b233bb9752fdcce18aa64
date: Sat, 30 Sep 2023 20:07:00 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 500
x-cache: HIT
x-proxy-cache: HIT
content-length: 5085
x-served-by: cache-lcy-eglc8600026-LCY
last-modified: Fri, 17 Dec 2021 21:10:28 GMT
server: GitHub.com
x-github-request-id: D848:ED09:141BAE2:14AD849:650FAEC3
x-timer: S1696104421.542338,VS0,VE9
etag: W/"61bcfcc4-46b8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Sun, 24 Sep 2023 03:44:49 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 173 KB
57 KB 184ms
108ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: server.duinocoin.com
URL: https://server.duinocoin.com/webminer.html?username=oneptp&threads=8&rigid=oneptp2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c63dcd6e682d84eddd27bd99c4df040fd6c601e481a028590d2173a041519b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://server.duinocoin.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 20:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58245
x-xss-protection: 0
server: cafe
etag: 13205515020446424764
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 30 Sep 2023 20:07:00 GMT

GET
H2

200

NewWebMiner.png
raw.githubusercontent.com/revoxhere/duino-coin/master/Resources/
Redirect Chain

https://github.com/revoxhere/duino-coin/blob/master/Resources/NewWebMiner.png?raw=true
https://github.com/revoxhere/duino-coin/raw/master/Resources/NewWebMiner.png
https://raw.githubusercontent.com/revoxhere/duino-coin/master/Resources/NewWebMiner.png

380 KB
380 KB

266ms
213ms

Image
image/png

2606:50c0:8002::154
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raw.githubusercontent.com/revoxhere/duino-coin/master/Resources/NewWebMiner.png

Requested by

Host: server.duinocoin.com
URL: https://server.duinocoin.com/webminer.html?username=oneptp&threads=8&rigid=oneptp2

Protocol

Server

2606:50c0:8002::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1a63e112c04ddc3c488456f168dddac3d2dd05f0aa007639c8a98d9bc66485e8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://server.duinocoin.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

x-fastly-request-id: 1d1d3ab97fbd70f053da0823662a7b625c57261e
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Sat, 30 Sep 2023 20:07:01 GMT
via: 1.1 varnish
x-cache-hits: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 388698
x-xss-protection: 1; mode=block
x-served-by: cache-lcy-eglc8600041-LCY
x-github-request-id: 895E:7784:2590869:2736F67:65187FE5
x-timer: S1696104421.154796,VS0,VE195
etag: W/"8d524dff9e6ef3d53c5b112a1adfa62b3f1d0db24d89c15521926b01803beaee"
source-age: 0
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Sat, 30 Sep 2023 20:12:01 GMT

Redirect headers

date: Sat, 30 Sep 2023 20:07:01 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: GitHub.com
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.githubcopilot.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events objects-origin.githubusercontent.com *.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ wss://*.actions.githubusercontent.com github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com support.github.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
x-github-request-id: C9BC:A105:1E50736:1EC86DA:65187FE4
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
x-frame-options: deny
content-type: text/html; charset=utf-8
access-control-allow-origin: https://render.githubusercontent.com
location: https://raw.githubusercontent.com/revoxhere/duino-coin/master/Resources/NewWebMiner.png
cache-control: no-cache
content-length: 0
x-xss-protection: 0

GET
H2

200

duco.png
raw.githubusercontent.com/revoxhere/duino-coin/master/Resources/
Redirect Chain

https://github.com/revoxhere/duino-coin/blob/master/Resources/duco.png?raw=true
https://github.com/revoxhere/duino-coin/raw/master/Resources/duco.png
https://raw.githubusercontent.com/revoxhere/duino-coin/master/Resources/duco.png

53 KB
54 KB

213ms
181ms

Image
image/png

2606:50c0:8002::154
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raw.githubusercontent.com/revoxhere/duino-coin/master/Resources/duco.png

Requested by

Host: server.duinocoin.com
URL: https://server.duinocoin.com/webminer.html?username=oneptp&threads=8&rigid=oneptp2

Protocol

Server

2606:50c0:8002::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c83a095611706a673fd41a2f00102b4206baf7b0acfc8370770be92387006f41

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://server.duinocoin.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

x-fastly-request-id: e738286a0e51bd28d531962c863107f289002373
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Sat, 30 Sep 2023 20:07:01 GMT
via: 1.1 varnish
x-cache-hits: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 54333
x-xss-protection: 1; mode=block
x-served-by: cache-lcy-eglc8600041-LCY
x-github-request-id: A6BC:86E3:28AA14C:2A677E9:65187FE5
x-timer: S1696104421.155282,VS0,VE160
etag: W/"d9cfa4e636419edb204b9386865228f8a406cdf0502a4114c36e7f2f085fb13a"
source-age: 0
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Sat, 30 Sep 2023 20:12:01 GMT

Redirect headers

date: Sat, 30 Sep 2023 20:07:01 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: GitHub.com
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.githubcopilot.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events objects-origin.githubusercontent.com *.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ wss://*.actions.githubusercontent.com github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com support.github.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
x-github-request-id: C9BC:A105:1E50734:1EC86D9:65187FE4
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
x-frame-options: deny
content-type: text/html; charset=utf-8
access-control-allow-origin: https://render.githubusercontent.com
location: https://raw.githubusercontent.com/revoxhere/duino-coin/master/Resources/duco.png
cache-control: no-cache
content-length: 0
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ 422 B
580 B 106ms
35ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato&family=Roboto+Mono&display=swap

Requested by

Host: server.duinocoin.com
URL: https://server.duinocoin.com/assets/mystyles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28a1295bac6e8a8070c9fe9991f10c24419a3d43ffd63d5f52dd1091f3362ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://server.duinocoin.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 20:07:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Sat, 30 Sep 2023 20:07:00 GMT

GET
H/1.1 200
OK loader.json Show response
server.duinocoin.com/assets/ 6 KB
6 KB 23ms
23ms XHR
application/json 51.15.127.80
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://server.duinocoin.com/assets/loader.json
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bodymovin/5.8.1/lottie.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.15.127.80 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 80-127-15-51.instances.scw.cloud
Software: nginx /
Resource Hash: 040af9921141ba807783e7305ced915482ff2c35585685d7bb5ac6b7b74b860e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://server.duinocoin.com/webminer.html?username=oneptp&threads=8&rigid=oneptp2
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

Date: Sat, 30 Sep 2023 20:07:00 GMT
Last-Modified: Wed, 20 Sep 2023 17:52:04 GMT
Server: nginx
ETag: "650b3144-187e"
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6270

GET
H2 200 S6uyw4BMUTPHvxk.ttf
fonts.gstatic.com/s/lato/v24/ 71 KB
36 KB 87ms
26ms Font
font/ttf 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHvxk.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato&family=Roboto+Mono&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43f1c7780d69792278f04b136c934a0298fc66f2e974bac13dd2e53adc52bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://server.duinocoin.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 19:42:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36024
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Sep 2024 19:42:32 GMT

GET
H/1.1 200
OK worker.js
server.duinocoin.com/js/webminer/ 17 KB
6 KB 26ms
26ms Other
application/javascript 51.15.127.80
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://server.duinocoin.com/js/webminer/worker.js
Requested by: Host: server.duinocoin.com
URL: https://server.duinocoin.com/webminer.html?username=oneptp&threads=8&rigid=oneptp2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.15.127.80 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 80-127-15-51.instances.scw.cloud
Software: nginx /
Resource Hash: 4e94581152ab34f6941001b4840435d2558c3adbfb2174a6c78deafeaf2fff83

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://server.duinocoin.com/webminer.html?username=oneptp&threads=8&rigid=oneptp2
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

Date: Sat, 30 Sep 2023 20:07:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Sep 2023 17:52:03 GMT
Server: nginx
ETag: W/"650b3143-4487"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H/1.1 200
OK worker.js
server.duinocoin.com/js/webminer/ 17 KB
6 KB 25ms
24ms Other
application/javascript 51.15.127.80
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://server.duinocoin.com/js/webminer/worker.js
Requested by: Host: server.duinocoin.com
URL: https://server.duinocoin.com/webminer.html?username=oneptp&threads=8&rigid=oneptp2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.15.127.80 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 80-127-15-51.instances.scw.cloud
Software: nginx /
Resource Hash: 4e94581152ab34f6941001b4840435d2558c3adbfb2174a6c78deafeaf2fff83

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://server.duinocoin.com/webminer.html?username=oneptp&threads=8&rigid=oneptp2
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

Date: Sat, 30 Sep 2023 20:07:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Sep 2023 17:52:03 GMT
Server: nginx
ETag: W/"650b3143-4487"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H/1.1 200
OK worker.js
server.duinocoin.com/js/webminer/ 17 KB
6 KB 26ms
26ms Other
application/javascript 51.15.127.80
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://server.duinocoin.com/js/webminer/worker.js
Requested by: Host: server.duinocoin.com
URL: https://server.duinocoin.com/webminer.html?username=oneptp&threads=8&rigid=oneptp2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.15.127.80 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 80-127-15-51.instances.scw.cloud
Software: nginx /
Resource Hash: 4e94581152ab34f6941001b4840435d2558c3adbfb2174a6c78deafeaf2fff83

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://server.duinocoin.com/webminer.html?username=oneptp&threads=8&rigid=oneptp2
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

Date: Sat, 30 Sep 2023 20:07:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Sep 2023 17:52:03 GMT
Server: nginx
ETag: W/"650b3143-4487"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H/1.1 200
OK worker.js
server.duinocoin.com/js/webminer/ 17 KB
6 KB 50ms
25ms Other
application/javascript 51.15.127.80
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://server.duinocoin.com/js/webminer/worker.js
Requested by: Host: server.duinocoin.com
URL: https://server.duinocoin.com/webminer.html?username=oneptp&threads=8&rigid=oneptp2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.15.127.80 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 80-127-15-51.instances.scw.cloud
Software: nginx /
Resource Hash: 4e94581152ab34f6941001b4840435d2558c3adbfb2174a6c78deafeaf2fff83

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://server.duinocoin.com/webminer.html?username=oneptp&threads=8&rigid=oneptp2
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

Date: Sat, 30 Sep 2023 20:07:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Sep 2023 17:52:03 GMT
Server: nginx
ETag: W/"650b3143-4487"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/ Frame 8B0A 10 KB
5 KB 91ms
26ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://server.duinocoin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D
accept-language: fr-FR,fr;q=0.9

Response headers

age: 12893
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 16:32:08 GMT
etag: 2603938475786422795
expires: Sat, 14 Oct 2023 16:32:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 show_ads_impl_with_ama.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/ 436 KB
142 KB 109ms
108ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/show_ads_impl_with_ama.js?client=ca-pub-4670059148424169&plah=server.duinocoin.com&bust=31078273

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84f538245e3c6611dc09917fdef11f3cf9761ff67a49a8352ef12a8ee81cc95c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://server.duinocoin.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 20:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145674
x-xss-protection: 0
server: cafe
etag: 2235301565150314101
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 30 Sep 2023 20:07:01 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
605 B 101ms
34ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=server.duinocoin.com&callback=_gfp_s_&client=ca-pub-4670059148424169

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/show_ads_impl_with_ama.js?client=ca-pub-4670059148424169&plah=server.duinocoin.com&bust=31078273

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f774b4622854764002779af2289adb00f347431c1db87b6c8eb38a4f7cdf3baa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://server.duinocoin.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 20:07:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7085 89 KB
26 KB 760ms
759ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4670059148424169&output=html&h=280&slotname=4687652378&adk=2304077946&adf=1438075936&pi=t.ma~as.4687652378&w=1200&fwrn=4&fwrnh=100&lmt=1695225123&rafmt=1&format=1200x280&url=https%3A%2F%2Fserver.duinocoin.com%2Fwebminer.html%3Fusername%3Doneptp%26threads%3D8%26rigid%3Doneptp2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696104421826&bpp=4&bdt=1352&idt=193&shv=r20230927&mjsv=m202309270101&ptt=9&saldr=aa&abxe=1&correlator=5040841141774&frm=20&pv=2&ga_vid=177028195.1696104422&ga_sid=1696104422&ga_hid=1351765303&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=148&ady=190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44803492%2C44759876%2C44759927%2C31077328%2C31078142%2C31078201%2C31078273&oid=2&pvsid=426918245225925&tmod=1523705682&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=34VPSoPerq&p=https%3A//server.duinocoin.com&dtd=207

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35163decfbefe597454b8799a8cfc488a98c44b9b999836d683df529cf18b531

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://server.duinocoin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 26304
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 20:07:02 GMT
expires: Sat, 30 Sep 2023 20:07:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 130ms
76ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230927&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92c0f3a626241365d8e01d2d3917301e5152157b33f37b067e48528fdc351de1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://server.duinocoin.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 20:07:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11814
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0680 309 KB
74 KB 1042ms
1041ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4670059148424169&output=html&adk=1812271804&adf=3025194257&lmt=1695225123&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x540_r&format=0x0&url=https%3A%2F%2Fserver.duinocoin.com%2Fwebminer.html%3Fusername%3Doneptp%26threads%3D8%26rigid%3Doneptp2&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696104421831&bpp=2&bdt=1358&idt=211&shv=r20230927&mjsv=m202309270101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=5040841141774&frm=20&pv=1&ga_vid=177028195.1696104422&ga_sid=1696104422&ga_hid=1351765303&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44803492%2C44759876%2C44759927%2C31077328%2C31078142%2C31078201%2C31078273&oid=2&pvsid=426918245225925&tmod=1523705682&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=223

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9072d52cbc85cc2b81667f0df515dafc639cd6cafe4079cad4f96d8390163c6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://server.duinocoin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 75428
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 20:07:03 GMT
expires: Sat, 30 Sep 2023 20:07:03 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 108ms
46ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://server.duinocoin.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 20:07:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 30 Sep 2023 20:07:02 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B989 13 KB
5 KB 28ms
27ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://server.duinocoin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 1472
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 19:42:30 GMT
expires: Sun, 29 Sep 2024 19:42:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A7E2 829 B
1 KB 98ms
36ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

92d03515fa05b3c5545b880e6f494257894590a7143e1e825ba890d30f09e9a7

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-ppXBmFn-HMU4KyNzH9BxdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://server.duinocoin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'nonce-ppXBmFn-HMU4KyNzH9BxdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 20:07:02 GMT
expires: Sat, 30 Sep 2023 20:07:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Show response
pagead2.googlesyndication.com/bg/ Frame B989 37 KB
14 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 29 Sep 2024 18:28:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A7E2 0
0 61ms
61ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230927&jk=426918245225925&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B989 0
10 B 26ms
25ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9waImw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 20:07:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 7085 553 B
365 B 37ms
34ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4670059148424169&output=html&h=280&slotname=4687652378&adk=2304077946&adf=1438075936&pi=t.ma~as.4687652378&w=1200&fwrn=4&fwrnh=100&lmt=1695225123&rafmt=1&format=1200x280&url=https%3A%2F%2Fserver.duinocoin.com%2Fwebminer.html%3Fusername%3Doneptp%26threads%3D8%26rigid%3Doneptp2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696104421826&bpp=4&bdt=1352&idt=193&shv=r20230927&mjsv=m202309270101&ptt=9&saldr=aa&abxe=1&correlator=5040841141774&frm=20&pv=2&ga_vid=177028195.1696104422&ga_sid=1696104422&ga_hid=1351765303&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=148&ady=190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44803492%2C44759876%2C44759927%2C31077328%2C31078142%2C31078201%2C31078273&oid=2&pvsid=426918245225925&tmod=1523705682&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=34VPSoPerq&p=https%3A//server.duinocoin.com&dtd=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f1fc90e7eba34a68a9d6370714677ff5002011199ca78093795799523b699a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 20:07:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Sat, 30 Sep 2023 20:07:02 GMT

GET
H3 200 icon.png
googleads.g.doubleclick.net/pagead/images/adchoices/ Frame 7085 295 B
319 B 30ms
29ms Image
image/png 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4670059148424169&output=html&h=280&slotname=4687652378&adk=2304077946&adf=1438075936&pi=t.ma~as.4687652378&w=1200&fwrn=4&fwrnh=100&lmt=1695225123&rafmt=1&format=1200x280&url=https%3A%2F%2Fserver.duinocoin.com%2Fwebminer.html%3Fusername%3Doneptp%26threads%3D8%26rigid%3Doneptp2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696104421826&bpp=4&bdt=1352&idt=193&shv=r20230927&mjsv=m202309270101&ptt=9&saldr=aa&abxe=1&correlator=5040841141774&frm=20&pv=2&ga_vid=177028195.1696104422&ga_sid=1696104422&ga_hid=1351765303&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=148&ady=190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44803492%2C44759876%2C44759927%2C31077328%2C31078142%2C31078201%2C31078273&oid=2&pvsid=426918245225925&tmod=1523705682&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=34VPSoPerq&p=https%3A//server.duinocoin.com&dtd=207
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 03:54:26 GMT
x-content-type-options: nosniff
server: cafe
age: 58356
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 01 Oct 2023 03:54:26 GMT

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame 7085 30 KB
11 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 16:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11869
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11587
x-xss-protection: 0
server: cafe
etag: 192838463742493612
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 16:49:13 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 7085 3 KB
1 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 15:44:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15770
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
server: cafe
etag: 18393213423120915576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 15:44:12 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 7085 29 KB
11 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f16a161aa44c3e3d29be944c1b50527d48b490fe8b27c5138a0fbfccb1a518dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 16:49:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11339
x-xss-protection: 0
server: cafe
etag: 15242922613079641184
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 16:49:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7085 182 KB
57 KB 45ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 20:07:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Sep 2023 20:07:02 GMT

GET
H2 200 554bc987290982779eabb7e21f065e52.js Show response
www.gstatic.com/mysidia/ Frame 7085 52 KB
20 KB 92ms
27ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/554bc987290982779eabb7e21f065e52.js?tag=mysidia_one_click_handler_one_afma

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a7bb7b45061686e670e7d16fa53cc46a4980d26f990517409c2310959d20efd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Mon, 25 Sep 2023 20:38:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20112
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 20:14:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Dec 2023 20:38:56 GMT

GET
H3 200 14577512431861811044
tpc.googlesyndication.com/gpa_images/simgad/ Frame 7085 19 KB
19 KB 29ms
29ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/14577512431861811044

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d758eea5da461089a215e4a43842fa4bcfccc502d7ea689d23a493ff0557069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 05:22:45 GMT
x-content-type-options: nosniff
age: 53057
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19142
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 20:32:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 29 Sep 2024 05:22:45 GMT

GET
H3

200

12091630847913838834
tpc.googlesyndication.com/simgad/ Frame 7085
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCXzsKnvgEQsAkYsAkyCKj2P7RUXgo1
https://tpc.googlesyndication.com/simgad/12091630847913838834

15 KB
15 KB

27ms
27ms

Image
image/png

2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12091630847913838834

Requested by

Protocol

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

698cb1255add3d90d29dd0d36d9379b2956db91d0cfb8f6eeac7b2957f6ca808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 04:09:15 GMT
x-content-type-options: nosniff
age: 57467
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15107
x-xss-protection: 0
last-modified: Thu, 28 May 2020 04:21:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 29 Sep 2024 04:09:15 GMT

Redirect headers

date: Sat, 30 Sep 2023 11:48:45 GMT
x-content-type-options: nosniff
server: cafe
age: 29897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/12091630847913838834
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 30 Oct 2023 11:48:45 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79pA.ttf
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 7085 50 KB
26 KB 29ms
29ms Font
font/ttf 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79pA.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a19a9fa8f8ee580d3e3c78c46f14375a529c13edb64290487b2cc56b3df175a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Tue, 26 Sep 2023 08:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 387698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26524
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Sep 2024 08:25:24 GMT

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7SQ.ttf
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 7085 50 KB
27 KB 38ms
37ms Font
font/ttf 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7SQ.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e8bd42fde7167472a87a3cc5c5169ec380e1192ccf536b6364e608f79f4193b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Fri, 29 Sep 2023 07:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27069
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 07:18:42 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 7085
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CGXRX5n8YZaiHBYamYavnr4AE_vCszXDt24H6ghHPsNeXjw4QASCMvaSHAWD74YWDnAqgAfzR3uMDyAEGqQLmTlI5GL2xPqgDAcgDAqoEnQJP0Dct15Wi_9NrQAFOUFC3dQ8Jmmu_LTpcPuv...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225101042953677785065%22,%22debug_reporting%22:true,%22destination%22:%22https://carjet.com%22,%22event_report_window%22:%22...

0
0

117ms
61ms

Fetch
text/css

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225101042953677785065%22,%22debug_reporting%22:true,%22destination%22:%22https://carjet.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221014475004%22],%224%22:[%2209-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215882047408938529569%22}&andc=true

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 20:07:03 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5101042953677785065","debug_reporting":true,"destination":"https://carjet.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1014475004"],"4":["09-30"],"6":["true"]},"priority":"500","source_event_id":"15882047408938529569"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 30 Sep 2023 20:07:03 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 30 Sep 2023 20:07:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5101042953677785065","debug_reporting":true,"destination":"https://carjet.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1014475004"],"4":["09-30"],"6":["true"]},"priority":"500","source_event_id":"15882047408938529569"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 63ms
63ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230927&jk=426918245225925&bg=!e3ileDfNAAYEJRtnJCU7ADQBe5WfOHFeHbgrhKPxHDSPUf0T2zjDsoP8g9IhW5Ukg5Uj2L4IPb3atqNgfX9fzAEM-xTGAgAAAFFSAAAABWgBBwoAqZEKsg7nmthMJkmKDJnqBrSZv0zDJRq4HGwDbw8h1PJEy0ZQzueqjG2UIw9clKlypr6uYPZliHRGM_pGQBxHe8LxBdJwYGhiUq9zULjqnKRGEF3DIDCE0Ys-6snRKpQsON8qg_2KZix8RPVCPlziswd_-1wShhWu64FZylemt999RzDAU7QNSN1kbK7y1vIz1QvxJAaZLDmsOvRFa7vgQqyu1F0z90y_9aGZAqSXBIe2MeV1zCbsPsISZ2veq1rPX4-VQ9ut_inYFXFeSXdEnyxasWxEXHO-ZSYnmd61veG-_5Rg1N-8nvtKzP8sWgNQElZQwZ0lmMNd1meDiqr5VpAkkxBh94L2PUlY0ByU3toCPD_dxGNdEb3mFeuA6suAnf88Sh-PWnx3JiZAdLBn15nFKvZBVSTjypPqpmA1ljLLvxKEEBN4dID8eJ-LJr7mCF-mOH1bhx9kVVJLPxdtOkzxv6-VVCr72L93C8K7xsjoRzUuKzotkCtDdK5qwLOB1QOb5_VO2I4lu8G7CLpbJ2TxEqe5re8VGfCS9fGX8D5bs01wB0d2kdSHCaCCzk-WGcKc629pXD2c95rAXVkCEzajphpULRHCROgNzNH_jKC00MBI4zRCQaxEt-10GypVcWjPDC6Frzqr3q2408EZuuFeTGsAsiGcAmImufgSZlw_7jXQrYOXuvjsQyFZn-eobhJfBwzONMna_Brcyy2RsViHsNG7wlWo6i8DTNhN6KPyfW6PYLhH2bCUZGVkCfZXf2xU3TS5uRKCGqQEBPxyihKRfvnvdhADA6E2JQJN4VOF38t1ZnS6tur4oocR0KUSNwX7wf3eylDKoHxsgRIvhx_7SySXXo86iCcC8rb1aumrhdfDCE24flLZmc3hwTPnmZpydN_0m2YHsH5zZGPmF8NogKZfMLja4R_0XeFt-MC-wX4bY8SbBBhJT6R74PmZer37ltbJYSrowW_mNrQY-T_PBVQy7E687Vw4lFZhjZkySrU8nkD0dn-eLyC3fVKvBJ7nYewjU4rwRkDqBUNdc95mv4KSXkB6mdFHgzVjOrlBt50XRLa2zvjtcYnNnivKAeUHFYN6NBVT1tmvKwmst4LHOR5EEis3LAV3ugCZzfyQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://server.duinocoin.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 146ms
64ms Preflight
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 30 Sep 2023 20:07:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/ 180 KB
59 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309270101/reactive_library.js?bust=31078273

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5c84f4fae7ed7db85f61ceda0ab0557acb1a7c2cabfa85d80d5d935b08971dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://server.duinocoin.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 20:07:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60460
x-xss-protection: 0
server: cafe
etag: 3409692477660092888
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Sep 2023 20:07:03 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/ Frame 6D95 10 KB
4 KB 26ms
26ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://server.duinocoin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2274
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 19:29:09 GMT
etag: 2603938475786422795
expires: Sat, 14 Oct 2023 19:29:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/ Frame 1E23 10 KB
4 KB 29ms
29ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://server.duinocoin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2274
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 19:29:09 GMT
etag: 2603938475786422795
expires: Sat, 14 Oct 2023 19:29:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 6D95 400 B
229 B 40ms
39ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2653eac85c0e5d5cd119bcf4245d02143d64f5b2eac7aba62f73dc94424111f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 20:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Sat, 30 Sep 2023 20:07:03 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6D95 205 B
520 B 32ms
31ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Tue, 26 Sep 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 385065
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 25 Sep 2024 09:09:18 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6D95 604 B
695 B 33ms
32ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Fri, 29 Sep 2023 20:11:31 GMT
x-content-type-options: nosniff
age: 86132
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 28 Sep 2024 20:11:31 GMT

GET
H3 200 fullscreen_api_adapter.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/ Frame 6D95 25 KB
10 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/fullscreen_api_adapter.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4f278e76d731921de5916db65de4efa4cd3dba75fa21a568131b4e996bfa168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 17:25:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9936
x-xss-protection: 0
server: cafe
etag: 1930326429072868924
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 17:25:34 GMT

GET
H3 200 interstitial_ad_frame.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/ Frame 6D95 31 KB
12 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/interstitial_ad_frame.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4837f7a182b7ae6102bceeebf3d1d0fa949c6589f24d657046b767b240e809a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 17:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9920
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12002
x-xss-protection: 0
server: cafe
etag: 2579703982281763037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 17:21:43 GMT

GET
H2 200 8fb2feea50eae42e6a788d5f79ccf254.js Show response
www.gstatic.com/mysidia/ Frame 1E23 15 KB
6 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8fb2feea50eae42e6a788d5f79ccf254.js?tag=client_fast_engine

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea14488fc600ce1eeebd0fec5d3ccf8697f00554158bc1157db6282e8776b7d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Mon, 25 Sep 2023 20:39:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6262
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 20:14:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Dec 2023 20:39:06 GMT

GET
H2 200 d89fd6edf17d296a71eebdecf13d96ac.js Show response
www.gstatic.com/mysidia/ Frame 1E23 15 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d89fd6edf17d296a71eebdecf13d96ac.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bebffb96c24f068d9f4d6a229fe8427780dbee339ec3abd6f5ebf316ec5f953a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Mon, 25 Sep 2023 20:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429625
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6182
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 20:14:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Dec 2023 20:46:38 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1E23 601 B
313 B 39ms
38ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ef98f30521f0ca6484d4654217a549c6a5a90c83c90dfe3fc4f037a19ed1fe4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 20:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Sat, 30 Sep 2023 20:07:03 GMT

GET
H3 200 icon.png
googleads.g.doubleclick.net/pagead/images/adchoices/ Frame 1E23 295 B
319 B 31ms
30ms Image
image/png 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/adchoices/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 03:54:26 GMT
x-content-type-options: nosniff
server: cafe
age: 58357
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 01 Oct 2023 03:54:26 GMT

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame 1E23 30 KB
11 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 16:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11587
x-xss-protection: 0
server: cafe
etag: 192838463742493612
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 16:49:13 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 1E23 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 15:44:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
server: cafe
etag: 18393213423120915576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 15:44:12 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 1E23 29 KB
11 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f16a161aa44c3e3d29be944c1b50527d48b490fe8b27c5138a0fbfccb1a518dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 16:49:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11339
x-xss-protection: 0
server: cafe
etag: 15242922613079641184
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 16:49:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1E23 182 KB
57 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 20:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Sep 2023 20:07:03 GMT

GET
H2 200 554bc987290982779eabb7e21f065e52.js Show response
www.gstatic.com/mysidia/ Frame 1E23 52 KB
20 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/554bc987290982779eabb7e21f065e52.js?tag=mysidia_one_click_handler_one_afma

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a7bb7b45061686e670e7d16fa53cc46a4980d26f990517409c2310959d20efd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Mon, 25 Sep 2023 20:38:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20112
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 20:14:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Dec 2023 20:38:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 25F0 601 B
313 B 37ms
37ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ef98f30521f0ca6484d4654217a549c6a5a90c83c90dfe3fc4f037a19ed1fe4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 20:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Sat, 30 Sep 2023 20:07:03 GMT

GET
H3 200 icon.png
googleads.g.doubleclick.net/pagead/images/adchoices/ Frame 25F0 295 B
319 B 29ms
28ms Image
image/png 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/adchoices/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 03:54:26 GMT
x-content-type-options: nosniff
server: cafe
age: 58357
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 01 Oct 2023 03:54:26 GMT

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame 25F0 30 KB
11 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 16:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11587
x-xss-protection: 0
server: cafe
etag: 192838463742493612
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 16:49:13 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 25F0 3 KB
1 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 15:44:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
server: cafe
etag: 18393213423120915576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 15:44:12 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 25F0 29 KB
11 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f16a161aa44c3e3d29be944c1b50527d48b490fe8b27c5138a0fbfccb1a518dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 16:49:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11339
x-xss-protection: 0
server: cafe
etag: 15242922613079641184
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 16:49:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25F0 182 KB
57 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 20:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Sep 2023 20:07:03 GMT

GET
H2 200 554bc987290982779eabb7e21f065e52.js Show response
www.gstatic.com/mysidia/ Frame 25F0 52 KB
20 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/554bc987290982779eabb7e21f065e52.js?tag=mysidia_one_click_handler_one_afma

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a7bb7b45061686e670e7d16fa53cc46a4980d26f990517409c2310959d20efd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Mon, 25 Sep 2023 20:38:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20112
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 20:14:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Dec 2023 20:38:56 GMT

GET
H3 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyw.ttf
fonts.gstatic.com/s/googlesans/v58/ Frame 1E23 57 KB
29 KB 32ms
31ms Font
font/ttf 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyw.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bb6585b06b56d32aa48ac85f698aea00a96b5e32b944c9fba5022cd90f97dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sun, 24 Sep 2023 10:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 552273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29438
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Sep 2024 10:42:30 GMT

GET
H3 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyw.ttf
fonts.gstatic.com/s/googlesans/v58/ Frame 1E23 57 KB
28 KB 34ms
34ms Font
font/ttf 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyw.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

924a754711d11983614f08302d9733ddb0756a0561e90ad0e9b7cecfe489c4fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sun, 24 Sep 2023 07:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 562084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28161
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Sep 2024 07:58:59 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8C22 143 B
166 B 29ms
28ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 19:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 49B2 143 B
166 B 26ms
25ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 19:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1E23
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CL9Cn5n8YZbfgDeCW29gPyISymAGs14PocaqFm8zeEemymJWODhABIIy9pIcBYPvhhYOcCqABlvbA3yjIAQGpAtP0-Vlzl6U-qAMByAPDBKoEpwJP0OWuhCWrLymxdrs_cWf5PxPSWi83tpS...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210100555799844935818%22,%22debug_reporting%22:true,%22destination%22:%22https://hancockprospecting.com.au%22,%22event_repo...

0
0

62ms
61ms

Fetch
text/css

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210100555799844935818%22,%22debug_reporting%22:true,%22destination%22:%22https://hancockprospecting.com.au%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210937711382%22],%224%22:[%2209-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210115178099048949569%22}&andc=true

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Sat, 30 Sep 2023 20:07:03 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10100555799844935818","debug_reporting":true,"destination":"https://hancockprospecting.com.au","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10937711382"],"4":["09-30"],"6":["true"]},"priority":"500","source_event_id":"10115178099048949569"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 30 Sep 2023 20:07:03 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 30 Sep 2023 20:07:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10100555799844935818","debug_reporting":true,"destination":"https://hancockprospecting.com.au","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10937711382"],"4":["09-30"],"6":["true"]},"priority":"500","source_event_id":"10115178099048949569"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8C22
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

38ms
37ms

Document
text/html

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 20:07:03 GMT
expires: Sat, 30 Sep 2023 20:07:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 20:07:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js Show response
pagead2.googlesyndication.com/bg/ Frame B0DC 38 KB
14 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5461f598a49fc581c376c4a8f9b5e7144c11624e5761735a4cadc5f19f1c9e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Tue, 26 Sep 2023 19:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 347359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14820
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:37:44 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 49B2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

44ms
44ms

Document
text/html

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 20:07:03 GMT
expires: Sat, 30 Sep 2023 20:07:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 20:07:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js Show response
pagead2.googlesyndication.com/bg/ Frame 96DA 38 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5461f598a49fc581c376c4a8f9b5e7144c11624e5761735a4cadc5f19f1c9e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

date: Tue, 26 Sep 2023 19:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 347359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14820
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:37:44 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 61ms
60ms Preflight
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 30 Sep 2023 20:07:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7085 42 B
64 B 65ms
64ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudto_sq5j8qpabuzWNSJ9tPvaGpmeogeP-JmjwpHfNToLkafgGywx2s9pptsCC26HRd_x6QblRReeq3a3o2f9sYchFw3s6SuoQqGCwze9kJs0w213AhQ7SBN4H3byebrzI8AK5z6sPgSyl&sai=AMfl-YSsnOh2Y8LO7I2idjSUC-bifFZ46vAdt-QiKGrKpafsw9ENSb7T8llyBtuTtGalR1QP1bZEJy5v1Ki_&sig=Cg0ArKJSzFw9jaqbc4C0EAE&cid=CAQSGwDICaaNFUnIFox9Wx_suAPQM5UK-Ah1Ew_OGhgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2304077946&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696104422035&rpt=922&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 20:07:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1E23 42 B
64 B 65ms
64ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNtcR4VZBJE4UqPGzXPaDxF55se8CoB29iq6f4qpl36YgCWOPDZ5bEpEYza4F6NkvFCR_Nssa__W3OFohyRzkLbUnG7yNxs6Fg41QOwQmbtx_GeKEWLbSO6JmXMIX9xI3wev5EqkcV800c&sai=AMfl-YQeRUu4Kkgw_TwebkxnSGEHpCKJXSSE90DJMZs7m5_8ytZLJn6a5CKKovFesXBR8pisgcpYmWXEGmdo&sig=Cg0ArKJSzLw3eggDdExoEAE&cid=CAQSGwDICaaNxLC0VW-EATPTA8mK7p2djhEiQfzrYBgB&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=84,767,1001,1109,1173&tos=84,683,234,108,64&v=20230927&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696104423268&rpt=205&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/A46D

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 20:07:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.duinocoin.com/	1970-01-21 00:30:00	Name: __gads Value: ID=e2f70c3be8c7694d-227c734120df0092:T=1696104422:RT=1696104422:S=ALNI_Mat0xCmKUi6DoM423sFP0jIMRpzEg
.duinocoin.com/	1970-01-21 00:30:00	Name: __gpi Value: UID=00000c89fa4c1f31:T=1696104422:RT=1696104422:S=ALNI_MZI59GWMCLgFnQJSVY1a9TZ8_Xk3g
.doubleclick.net/	1970-01-21 00:30:00	Name: IDE Value: AHWqTUmNBxaQKUfkM543LrX6Qe7oQURiR_T-1Yy8UQPvik_GMFzgc1x396UqOxFiDhY
.doubleclick.net/	1970-01-20 15:08:25	Name: test_cookie Value: CheckForPermission
.googleadservices.com/	1970-01-20 17:18:00	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 15:08:28	Name: DSID Value: NO_DATA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	error	URL: https://server.duinocoin.com/js/webminer/worker.js(Line 94) Message: CPU1: WebSocket close observed, trying to reconnect: [object CloseEvent]
worker	error	URL: https://server.duinocoin.com/js/webminer/worker.js(Line 94) Message: CPU0: WebSocket close observed, trying to reconnect: [object CloseEvent]
worker	error	URL: https://server.duinocoin.com/js/webminer/worker.js(Line 94) Message: CPU2: WebSocket close observed, trying to reconnect: [object CloseEvent]
worker	error	URL: https://server.duinocoin.com/js/webminer/worker.js(Line 94) Message: CPU3: WebSocket close observed, trying to reconnect: [object CloseEvent]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bernii.github.io
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
github.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
raw.githubusercontent.com
server.duinocoin.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
140.82.121.3
142.250.184.194
2606:4700::6811:190e
2606:50c0:8000::153
2606:50c0:8002::154
2a00:1450:4001:808::2004
2a00:1450:4001:809::2002
2a00:1450:4001:811::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2003
51.15.127.80
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
040af9921141ba807783e7305ced915482ff2c35585685d7bb5ac6b7b74b860e
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
04c2c26190e5e8fa09172b34612ad0bece7c93e0727b18f3d3b3f283f598e963
0a7bb7b45061686e670e7d16fa53cc46a4980d26f990517409c2310959d20efd
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a63e112c04ddc3c488456f168dddac3d2dd05f0aa007639c8a98d9bc66485e8
1c7d701d8da3e2c05fb44d8c4a13c13fae937d6d7cfc3df17ead6798819bc5b2
28a1295bac6e8a8070c9fe9991f10c24419a3d43ffd63d5f52dd1091f3362ff3
2bb6585b06b56d32aa48ac85f698aea00a96b5e32b944c9fba5022cd90f97dcf
2f1fc90e7eba34a68a9d6370714677ff5002011199ca78093795799523b699a4
30081cca00d16a1b3e17f364e55cf7f3bc210789122bd357943377c39f0b2ead
35163decfbefe597454b8799a8cfc488a98c44b9b999836d683df529cf18b531
3c63dcd6e682d84eddd27bd99c4df040fd6c601e481a028590d2173a041519b8
3d758eea5da461089a215e4a43842fa4bcfccc502d7ea689d23a493ff0557069
4837f7a182b7ae6102bceeebf3d1d0fa949c6589f24d657046b767b240e809a5
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e94581152ab34f6941001b4840435d2558c3adbfb2174a6c78deafeaf2fff83
5461f598a49fc581c376c4a8f9b5e7144c11624e5761735a4cadc5f19f1c9e85
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
698cb1255add3d90d29dd0d36d9379b2956db91d0cfb8f6eeac7b2957f6ca808
6bb4bcc80c2f20765c65cc3090d2eabfb71bed2d687b2e0e0456fbb7bca5d255
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
84f538245e3c6611dc09917fdef11f3cf9761ff67a49a8352ef12a8ee81cc95c
88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a
9072d52cbc85cc2b81667f0df515dafc639cd6cafe4079cad4f96d8390163c6e
924a754711d11983614f08302d9733ddb0756a0561e90ad0e9b7cecfe489c4fb
92c0f3a626241365d8e01d2d3917301e5152157b33f37b067e48528fdc351de1
92d03515fa05b3c5545b880e6f494257894590a7143e1e825ba890d30f09e9a7
9e8bd42fde7167472a87a3cc5c5169ec380e1192ccf536b6364e608f79f4193b
a19a9fa8f8ee580d3e3c78c46f14375a529c13edb64290487b2cc56b3df175a0
a2653eac85c0e5d5cd119bcf4245d02143d64f5b2eac7aba62f73dc94424111f
a5c84f4fae7ed7db85f61ceda0ab0557acb1a7c2cabfa85d80d5d935b08971dc
b785a3380ca593a30ad5f18dee26a7fe76ceaa5a86b7bb1ee1b74cb445b5935b
bebffb96c24f068d9f4d6a229fe8427780dbee339ec3abd6f5ebf316ec5f953a
c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925
c83a095611706a673fd41a2f00102b4206baf7b0acfc8370770be92387006f41
d4f278e76d731921de5916db65de4efa4cd3dba75fa21a568131b4e996bfa168
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea14488fc600ce1eeebd0fec5d3ccf8697f00554158bc1157db6282e8776b7d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef98f30521f0ca6484d4654217a549c6a5a90c83c90dfe3fc4f037a19ed1fe4e
f16a161aa44c3e3d29be944c1b50527d48b490fe8b27c5138a0fbfccb1a518dd
f43f1c7780d69792278f04b136c934a0298fc66f2e974bac13dd2e53adc52bde
f774b4622854764002779af2289adb00f347431c1db87b6c8eb38a4f7cdf3baa
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

server.duinocoin.com Open in urlscan Pro 51.15.127.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

78 Requests

94 %HTTPS

79 %IPv6

12 Domains

15 Subdomains

13 IPs

3 Countries

2064 kBTransfer

5157 kBSize

6 Cookies

2 Outgoing links

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

server.duinocoin.com Open in urlscan Pro
51.15.127.80 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

94 %
HTTPS

79 %
IPv6

12
Domains

15
Subdomains

13
IPs

3
Countries

2064 kB
Transfer

5157 kB
Size

6
Cookies

78 HTTP transactions
0 data transactions