urlscan.io logo urlscan.io
SecurityTrails logo

ponta-money.work Open in urlscan Pro
103.3.2.32  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.ponta-money.work/
Effective URL: https://ponta-money.work/
Submission: On August 21 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 3 countries across 19 domains to perform 119 HTTP transactions. The main IP is 103.3.2.32, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is ponta-money.work.
TLS certificate: Issued by R3 on June 21st 2021. Valid for: 3 months.
This is the only time ponta-money.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 22 103.3.2.32 131965 (XSERVER X...)
20 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:3::485 54113 (FASTLY)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 142.250.184.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
6 2606:2800:234... 15133 (EDGECAST)
1 192.0.77.2 2635 (AUTOMATTIC)
1 183.181.84.135 2519 (VECTANT A...)
1 183.181.84.69 2519 (VECTANT A...)
1 2.18.234.65 16625 (AKAMAI-AS)
1 2 104.244.42.72 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
4 8 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
119 30
22    103.3.2.32 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv12031.xserver.jp
www.ponta-money.work
ponta-money.work
20    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
7    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com
i2.wp.com
1    183.181.84.135 (Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
PTR: sv8614.xserver.jp
cocablog.site
1    183.181.84.69 (Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
PTR: sv8548.xserver.jp
zubosiba.com
1    2.18.234.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-65.deploy.static.akamaitechnologies.com
cdn.blog.st-hatena.com
2    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
22    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
Domain Requested by
25 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
21 ponta-money.work ponta-money.work
18 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
9 pagead2.googlesyndication.com ponta-money.work
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
8 www.google.com 4 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
6 fonts.gstatic.com fonts.googleapis.com
6 fonts.googleapis.com googleads.g.doubleclick.net
6 platform.twitter.com ponta-money.work
platform.twitter.com
5 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
3 www.google-analytics.com cdn.jsdelivr.net
www.googletagmanager.com
www.google-analytics.com
2 syndication.twitter.com 1 redirects platform.twitter.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 cdn.jsdelivr.net ponta-money.work
1 s0.2mdn.net tpc.googlesyndication.com
1 cdn.blog.st-hatena.com ponta-money.work
1 zubosiba.com ponta-money.work
1 cocablog.site ponta-money.work
1 i2.wp.com ponta-money.work
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com ponta-money.work
1 cdnjs.cloudflare.com ponta-money.work
1 ajax.googleapis.com ponta-money.work
1 www.ponta-money.work 1 redirects
119 24

This site contains links to these domains. Also see Links.

Domain
twitter.com
b.hatena.ne.jp
snowballstocks.com
cocablog.site
zubosiba.com
www.bakademodekiru.com
Subject Issuer Validity Valid
www.ponta-money.work
R3		 2021-06-21 -
2021-09-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-07-26 -
2021-10-18		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
www.cocablog.site
R3		 2021-06-28 -
2021-09-26		 3 months crt.sh
www.zubosiba.com
R3		 2021-08-11 -
2021-11-09		 3 months crt.sh
cdn-ak.b.st-hatena.com
GeoTrust RSA CA 2018		 2020-11-24 -
2021-11-28		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh

This page contains 21 frames:

Primary Page: https://ponta-money.work/
Frame ID: 387A3385103D9BC6022C5A151CB48AC8
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html
Frame ID: 152A2BB12584F8FD8F9E04E8AF5A05C5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&adk=1812271804&adf=3025194257&lmt=1629494175&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fponta-money.work%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059122&bpp=204&bdt=80&idt=205&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=222149952873&frm=20&pv=2&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=289
Frame ID: 3A1288CA286DE2B5EA15D6DE9E70D18D
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fponta-money.work
Frame ID: 72EEB5F37D6E203670A8C1808CF1AD09
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=280&adk=1549541974&adf=789705359&pi=t.aa~a.4263631882~rp.3&w=336&fwrn=4&fwrnh=100&lmt=1629494175&rafmt=1&to=qs&pwprc=6176317352&psa=0&format=336x280&url=https%3A%2F%2Fponta-money.work%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=2&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0&nras=2&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XMTT39p82B&p=https%3A//ponta-money.work&dtd=7
Frame ID: E73FECF9D0CA6EB2569B099B756C9183
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=804&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280&nras=3&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=LH86NSVNDE&p=https%3A//ponta-money.work&dtd=13
Frame ID: 7E986CC1FA9350676B00C2B5E2EE5F73
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YCCvEKhbdN&p=https%3A//ponta-money.work&dtd=15
Frame ID: E5D455E6A948FF25EB5B0A651894DDF7
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=w52iZYyoUX&p=https%3A//ponta-money.work&dtd=16
Frame ID: FB1894B045C34D2B08BA15F442A0C3C5
Requests: 13 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.f88235f49a156f8b4cab34c7bc1a0acc.ja.html
Frame ID: 0F4E1E19DE21E9DAAACE237F4B052774
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.f88235f49a156f8b4cab34c7bc1a0acc.ja.html
Frame ID: E1ADD13B97E23E7359951EA3C21D9439
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 5E61D9A48F42DB09662D72CD4118D88B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 595BA3811F865AAC42A2208BA25C12C9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 28B60ECE8554334BC275477C84C362ED
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C9167D98C32F73089811E64859A90E2A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html
Frame ID: C27B9F4CBC8AE6C3D414297DFCAF03B2
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js
Frame ID: FA38EB04AED93EA9A4C34C524EE5C274
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: EBCE9108D305BEF8EC247E518D8274A2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js
Frame ID: 8170536B0582CEE27AC533CEE056CB9A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js
Frame ID: 3632C950C64429FED42F0236A09C7CA0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F1F6CA66543D91AC5FFB89A959CEF539
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DB551B77925D1A6DBBF4AE39796834A9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

初心者が始めるアメリカ株式投資

Page URL History Show full URLs

  1. https://www.ponta-money.work/ HTTP 301
    https://ponta-money.work/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

119
Requests

100 %
HTTPS

76 %
IPv6

19
Domains

24
Subdomains

30
IPs

3
Countries

4121 kB
Transfer

6556 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.ponta-money.work/ HTTP 301
    https://ponta-money.work/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://syndication.twitter.com/i/jot HTTP 302
  • https://platform.twitter.com/jot.html
Request Chain 102
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 105
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 106
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 113
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

119 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ponta-money.work/
Redirect Chain
  • https://www.ponta-money.work/
  • https://ponta-money.work/
428 KB
82 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv12031.xserver.jp
Software
nginx /
Resource Hash
fb1f6524f7e0e23f05465015933809b3761dfb0e1df4b568074c0b4275084701

Request headers

:method
GET
:authority
ponta-money.work
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Sat, 21 Aug 2021 07:14:18 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding
last-modified
Fri, 20 Aug 2021 21:16:15 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
expires
Mon, 29 Oct 1923 20:30:00 GMT
pragma
no-cache
content-encoding
gzip

Redirect headers

server
nginx
date
Sat, 21 Aug 2021 07:14:18 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://ponta-money.work/
x-redirect-by
WordPress
cache-control
max-age=1
expires
Sat, 21 Aug 2021 07:14:19 GMT
vary
Accept-Encoding
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		139 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66c47e95e2ac18d9e71b1eeb1664d31499133817fa93ea09cde1c228eb13a137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49909
x-xss-protection
0
server
cafe
etag
7723420151934129076
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 21 Aug 2021 07:14:19 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js?ver=3.3.1
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 23:42:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113487
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Aug 2022 23:42:52 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.1/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.1/jquery-migrate.min.js?ver=3.0.1
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1743b54e611ae08f0ddb89d8d1bc9ae7d78feacbd672c86a5f5bb3c1a582e05e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6260613
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3054
cf-request-id
0a93ff2af80000bf0fd31a2000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2c9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IY%2FYAkhzqnG0X7%2B46DKIwmzvJMl%2Bb%2Fp0LLvSGPmGYVxBHaklOcyM48a%2F5evb%2Fdwfi3rDQosqwtIUIr4mXLpV0DeGpBph16sZsrprKsZqoWCHeDUrG3gTr3LBcF0CY81kcqt%2FOdd6yxD0TwEDyS1uZgww"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
682210550b174e3e-FRA
expires
Thu, 11 Aug 2022 07:14:19 GMT
js
www.googletagmanager.com/gtag/ 		101 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-198018087-1
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ba909d724824ed641d7ed12889b50654f0a811216b8048ee24d00b91e36ae6be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:19 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41008
x-xss-protection
0
last-modified
Sat, 21 Aug 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 21 Aug 2021 07:14:19 GMT
ga-lite.min.js
cdn.jsdelivr.net/npm/ga-lite@2/dist/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/ga-lite@2/dist/ga-lite.min.js
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5a858d60bf50b0108d2dcfe8351f694c425d811615e2588e659030050693eb50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
26144
x-jsd-version
2.1.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3039
etag
W/"1ffd-OrRxGSclknOmiO/RKOPBOJcE4A4"
x-served-by
cache-fra19180-FRA
x-jsd-version-type
version
date
Sat, 21 Aug 2021 07:14:19 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/ 		252 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9862775704499057&plah=ponta-money.work
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5b3b78060934b27d88d694a3f65e5847097f62d5ffc862ae98e5ce482f74da7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95446
x-xss-protection
0
server
cafe
etag
16230733116024533272
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 21 Aug 2021 07:14:19 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/ Frame 152A 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210812/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ponta-money.work/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ponta-money.work/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 20 Aug 2021 20:32:15 GMT
expires
Fri, 03 Sep 2021 20:32:15 GMT
content-type
text/html; charset=UTF-8
etag
8999110079160743657
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4576
x-xss-protection
0
age
38524
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/ 		35 B
242 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect?v=1&ul=en-us&de=UTF-8&dl=https%3A%2F%2Fponta-money.work%2F&dt=%E5%88%9D%E5%BF%83%E8%80%85%E3%81%8C%E5%A7%8B%E3%82%81%E3%82%8B%E3%82%A2%E3%83%A1%E3%83%AA%E3%82%AB%E6%A0%AA%E5%BC%8F%E6%8A%95%E8%B3%87&sd=24-bit&sr=1600x1200&vp=1600x1200&dr=&t=pageview&cid=0.8998831496860034.0.5138108603765046&tid=UA-136298942-1&z=1629530059136
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/ga-lite@2/dist/ga-lite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 21 Aug 2021 07:14:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://ponta-money.work
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-198018087-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
5865
date
Sat, 21 Aug 2021 05:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Sat, 21 Aug 2021 07:36:34 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=210343986&t=pageview&_s=1&dl=https%3A%2F%2Fponta-money.work%2F&ul=en-us&de=UTF-8&dt=%E5%88%9D%E5%BF%83%E8%80%85%E3%81%8C%E5%A7%8B%E3%82%81%E3%82%8B%E3%82%A2%E3%83%A1%E3%83%AA%E3%82%AB%E6%A0%AA%E5%BC%8F%E6%8A%95%E8%B3%87&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=419903457&gjid=480539922&cid=2101536554.1629530059&tid=UA-198018087-1&_gid=1762009094.1629530059&_r=1&gtm=2ou8i0&did=dZTNiMT&z=1339222748
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Aug 2021 07:14:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ponta-money.work
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
icomoon.woff
ponta-money.work/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ponta-money.work/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.woff?3o5bkh
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv12031.xserver.jp
Software
nginx /
Resource Hash
e08f64e5c56e8de6a33a9b7654c38fdf9465db358d3d1174b32d652bbfdd4d30

Request headers

sec-fetch-mode
cors
origin
https://ponta-money.work
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
_ga=GA1.2.2101536554.1629530059; _gid=GA1.2.1762009094.1629530059; _gat_gtag_UA_198018087_1=1
:path
/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.woff?3o5bkh
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ponta-money.work
referer
https://ponta-money.work/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://ponta-money.work
Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:19 GMT
last-modified
Thu, 12 Aug 2021 14:21:04 GMT
server
nginx
content-type
application/x-font-woff
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
12580
expires
Sun, 21 Aug 2022 07:14:19 GMT
icomoon.ttf
ponta-money.work/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/ 		12 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ponta-money.work/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.ttf?3o5bkh
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv12031.xserver.jp
Software
nginx /
Resource Hash
aa8b2a449f4bd08d60d370bc75b02f2720022e93842a7118f74cec199975a195

Request headers

sec-fetch-mode
cors
origin
https://ponta-money.work
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
_ga=GA1.2.2101536554.1629530059; _gid=GA1.2.1762009094.1629530059; _gat_gtag_UA_198018087_1=1
:path
/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.ttf?3o5bkh
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ponta-money.work
referer
https://ponta-money.work/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://ponta-money.work
Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:19 GMT
content-encoding
gzip
last-modified
Thu, 12 Aug 2021 14:21:04 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
application/x-font-ttf
cache-control
max-age=31536000, public
expires
Sun, 21 Aug 2022 07:14:19 GMT
fa-brands-400.woff2
ponta-money.work/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ponta-money.work/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/fa-brands-400.woff2
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv12031.xserver.jp
Software
nginx /
Resource Hash
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Request headers

sec-fetch-mode
cors
origin
https://ponta-money.work
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
_ga=GA1.2.2101536554.1629530059; _gid=GA1.2.1762009094.1629530059; _gat_gtag_UA_198018087_1=1
:path
/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/fa-brands-400.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ponta-money.work
referer
https://ponta-money.work/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://ponta-money.work
Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:19 GMT
last-modified
Thu, 12 Aug 2021 14:21:04 GMT
server
nginx
content-type
application/x-font-woff2
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
76612
expires
Sun, 21 Aug 2022 07:14:19 GMT
fa-regular-400.woff2
ponta-money.work/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ponta-money.work/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/fa-regular-400.woff2
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv12031.xserver.jp
Software
nginx /
Resource Hash
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65

Request headers

sec-fetch-mode
cors
origin
https://ponta-money.work
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
_ga=GA1.2.2101536554.1629530059; _gid=GA1.2.1762009094.1629530059; _gat_gtag_UA_198018087_1=1
:path
/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/fa-regular-400.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ponta-money.work
referer
https://ponta-money.work/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://ponta-money.work
Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:19 GMT
last-modified
Thu, 12 Aug 2021 14:21:04 GMT
server
nginx
content-type
application/x-font-woff2
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
13584
expires
Sun, 21 Aug 2022 07:14:19 GMT
fa-solid-900.woff2
ponta-money.work/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/ 		78 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ponta-money.work/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/fa-solid-900.woff2
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv12031.xserver.jp
Software
nginx /
Resource Hash
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

sec-fetch-mode
cors
origin
https://ponta-money.work
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
_ga=GA1.2.2101536554.1629530059; _gid=GA1.2.1762009094.1629530059; _gat_gtag_UA_198018087_1=1
:path
/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/fa-solid-900.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ponta-money.work
referer
https://ponta-money.work/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://ponta-money.work
Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:19 GMT
last-modified
Thu, 12 Aug 2021 14:21:04 GMT
server
nginx
content-type
application/x-font-woff2
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
79444
expires
Sun, 21 Aug 2022 07:14:19 GMT
header2.png
ponta-money.work/wp-content/uploads/2020/07/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ponta-money.work/wp-content/uploads/2020/07/header2.png
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv12031.xserver.jp
Software
nginx /
Resource Hash
7c47876d0ea888f37089a5b2ce560adb8347b58f0627383874313e1a514194c4

Request headers

:path
/wp-content/uploads/2020/07/header2.png
pragma
no-cache
cookie
_ga=GA1.2.2101536554.1629530059; _gid=GA1.2.1762009094.1629530059; _gat_gtag_UA_198018087_1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ponta-money.work
referer
https://ponta-money.work/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:19 GMT
last-modified
Sun, 12 Jul 2020 13:34:23 GMT
server
nginx
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
59613
expires
Sun, 21 Aug 2022 07:14:19 GMT
cookie.js
partner.googleadservices.com/gampad/ 		206 B
661 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ponta-money.work&callback=_gfp_s_&client=ca-pub-9862775704499057
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9862775704499057&plah=ponta-money.work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
b436e63c4047d149570f902e2a6e17cd4141127e416f6d20cb89424a8c1e4910
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ponta-money.work
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9862775704499057&plah=ponta-money.work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 21 Aug 2021 07:14:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ponta-money.work
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9862775704499057&plah=ponta-money.work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 21 Aug 2021 07:14:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3A12 		22 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&adk=1812271804&adf=3025194257&lmt=1629494175&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fponta-money.work%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059122&bpp=204&bdt=80&idt=205&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=222149952873&frm=20&pv=2&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=289
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9862775704499057&plah=ponta-money.work
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de22705508b17a8517ac222be7e81a48160998fbeb2dd18369288363f4212b45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9862775704499057&output=html&adk=1812271804&adf=3025194257&lmt=1629494175&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fponta-money.work%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059122&bpp=204&bdt=80&idt=205&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=222149952873&frm=20&pv=2&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=289
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ponta-money.work/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ponta-money.work/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 21 Aug 2021 07:14:19 GMT
server
cafe
content-length
5180
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 21-Aug-2021 07:29:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 21 Aug 2021 07:14:19 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9862775704499057&plah=ponta-money.work
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:19 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458978809797"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27677
x-xss-protection
0
expires
Sat, 21 Aug 2021 07:14:19 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/673A) /
Resource Hash
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 21 Aug 2021 07:14:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Aug 2021 20:34:57 GMT
Server
ECS (frb/673A)
Age
1325
Etag
"d405b816322f9770c70cbd10cfa87be4+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28872
a2d8c4ac8cf3ee51d7810dc25fad79d7.jpg
i2.wp.com/snowballstocks.com/wp-content/uploads/2019/04/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/snowballstocks.com/wp-content/uploads/2019/04/a2d8c4ac8cf3ee51d7810dc25fad79d7.jpg?resize=400%2C300
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
6743649c9f9a466a1d18445a11e0b85f6bb5cf958637f996af0ea5b755b716ff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
MISS cdg 4
date
Sat, 21 Aug 2021 07:14:19 GMT
x-content-type-options
nosniff
last-modified
Fri, 30 Jul 2021 10:39:26 GMT
server
nginx
etag
"1afda4f5fd53d201"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://snowballstocks.com/wp-content/uploads/2019/04/a2d8c4ac8cf3ee51d7810dc25fad79d7.jpg>; rel="canonical"
content-length
13352
expires
Sun, 30 Jul 2023 22:39:26 GMT
20190216icon%E3%81%AE%E3%82%B3%E3%83%94%E3%83%BC.png
cocablog.site/wp-content/uploads/ 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cocablog.site/wp-content/uploads/20190216icon%E3%81%AE%E3%82%B3%E3%83%94%E3%83%BC.png?resize=300%2C200
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.181.84.135 , Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
sv8614.xserver.jp
Software
nginx /
Resource Hash
0f576e6da409208815ca5163836e92afddf8346797705a0902161ba840040116

Request headers

Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:20 GMT
last-modified
Mon, 12 Jul 2021 06:24:56 GMT
server
nginx
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=1
accept-ranges
bytes
content-length
136210
expires
Sat, 21 Aug 2021 07:14:21 GMT
49133395-1.jpg
zubosiba.com/wp-content/uploads/2019/08/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zubosiba.com/wp-content/uploads/2019/08/49133395-1.jpg?resize=300%2C200
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.181.84.69 , Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
sv8548.xserver.jp
Software
nginx /
Resource Hash
4127b48be4434fdef1643c23f88bf9d4f782500774773c4ec8a56d9e607e0b01

Request headers

Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:20 GMT
last-modified
Thu, 04 Jun 2020 09:15:02 GMT
server
nginx
etag
"8f5b-5a73e9457e065"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
36699
expires
Sat, 28 Aug 2021 07:14:20 GMT
lane.gif
cdn.blog.st-hatena.com/css/theme/sushiyuki/images/ 		249 KB
250 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.blog.st-hatena.com/css/theme/sushiyuki/images/lane.gif?version=1c3afeb7551424fae7c3d921fa3e8510004d33f6&env=production
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-65.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
51c82a45def57f7d137067d508bdd79be096b85eda834315f5c4ebcca8fec3a7

Request headers

Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 21 Aug 2021 07:14:19 GMT
Last-Modified
Thu, 01 Jan 1970 00:00:00 GMT
Server
nginx
ETag
"611a0bd9-3e5a1"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=193744
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
255393
Expires
Mon, 23 Aug 2021 13:03:23 GMT
avatar20190906213406.jpg
ponta-money.work/wp-content/uploads/2020/05/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ponta-money.work/wp-content/uploads/2020/05/avatar20190906213406.jpg
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv12031.xserver.jp
Software
nginx /
Resource Hash
a33fad02887bffcc21ba25782e3472bbc8474c87b06b88aaf890333ec9804e0d

Request headers

:path
/wp-content/uploads/2020/05/avatar20190906213406.jpg
pragma
no-cache
cookie
_ga=GA1.2.2101536554.1629530059; _gid=GA1.2.1762009094.1629530059; _gat_gtag_UA_198018087_1=1; __gads=ID=36e73d697bdb05b0-22c5e0b8b1c9008c:T=1629530059:RT=1629530059:S=ALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ponta-money.work
referer
https://ponta-money.work/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:20 GMT
last-modified
Sun, 17 May 2020 00:30:49 GMT
server
nginx
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
88218
expires
Sun, 21 Aug 2022 07:14:20 GMT
clipboard.min.js
cdn.jsdelivr.net/clipboard.js/1.5.13/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/clipboard.js/1.5.13/clipboard.min.js
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fac02a96e87d9afaa0ccb933490c281386d6f3b3971e419c747fd6e1f5875e1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
4876727
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3469
etag
W/"29b8-SfrX8LNZaoGlcNmIEvoJIzsobb4"
x-served-by
cache-fra19180-FRA
date
Sat, 21 Aug 2021 07:14:19 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
casino_chip-640x360.png
ponta-money.work/wp-content/uploads/2021/08/ 		228 KB
229 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ponta-money.work/wp-content/uploads/2021/08/casino_chip-640x360.png
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv12031.xserver.jp
Software
nginx /
Resource Hash
e4507fb30c4deea59b3fc01f9b3fb358ce1df6e4cd40d1bf7ccfb56dc6e0f8d4

Request headers

:path
/wp-content/uploads/2021/08/casino_chip-640x360.png
pragma
no-cache
cookie
_ga=GA1.2.2101536554.1629530059; _gid=GA1.2.1762009094.1629530059; _gat_gtag_UA_198018087_1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ponta-money.work
referer
https://ponta-money.work/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:19 GMT
last-modified
Fri, 20 Aug 2021 16:08:55 GMT
server
nginx
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
233569
expires
Sun, 21 Aug 2022 07:14:19 GMT
kiss_couple_man-640x360.png
ponta-money.work/wp-content/uploads/2021/08/ 		206 KB
206 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ponta-money.work/wp-content/uploads/2021/08/kiss_couple_man-640x360.png
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv12031.xserver.jp
Software
nginx /
Resource Hash
fa33a3232ddeca475245ee4e42762253f6bb3e5ffed8e634e4a696af91eee9e2

Request headers

:path
/wp-content/uploads/2021/08/kiss_couple_man-640x360.png
pragma
no-cache
cookie
_ga=GA1.2.2101536554.1629530059; _gid=GA1.2.1762009094.1629530059; _gat_gtag_UA_198018087_1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ponta-money.work
referer
https://ponta-money.work/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:19 GMT
last-modified
Thu, 19 Aug 2021 14:42:57 GMT
server
nginx
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
210755
expires
Sun, 21 Aug 2022 07:14:19 GMT
922320dd-s.png
ponta-money.work/wp-content/uploads/2021/08/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ponta-money.work/wp-content/uploads/2021/08/922320dd-s.png
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv12031.xserver.jp
Software
nginx /
Resource Hash
87867176efe3326b0bb4caca2ad02723286a18205090923f332930aa12c44342

Request headers

:path
/wp-content/uploads/2021/08/922320dd-s.png
pragma
no-cache
cookie
_ga=GA1.2.2101536554.1629530059; _gid=GA1.2.1762009094.1629530059; _gat_gtag_UA_198018087_1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ponta-money.work
referer
https://ponta-money.work/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:19 GMT
last-modified
Wed, 18 Aug 2021 15:55:41 GMT
server
nginx
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
107372
expires
Sun, 21 Aug 2022 07:14:19 GMT
syouken_torihiki_man-640x360.png
ponta-money.work/wp-content/uploads/2021/08/ 		258 KB
258 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ponta-money.work/wp-content/uploads/2021/08/syouken_torihiki_man-640x360.png
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv12031.xserver.jp
Software
nginx /
Resource Hash
5648ace9fd42b6d8bd1c74e31ffb0f9527826877457fe064790f048b37c07fce

Request headers

:path
/wp-content/uploads/2021/08/syouken_torihiki_man-640x360.png
pragma
no-cache
cookie
_ga=GA1.2.2101536554.1629530059; _gid=GA1.2.1762009094.1629530059; _gat_gtag_UA_198018087_1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ponta-money.work
referer
https://ponta-money.work/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:19 GMT
last-modified
Tue, 17 Aug 2021 14:05:27 GMT
server
nginx
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
263722
expires
Sun, 21 Aug 2022 07:14:19 GMT
ishiki_takai-640x360.png
ponta-money.work/wp-content/uploads/2021/08/ 		153 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ponta-money.work/wp-content/uploads/2021/08/ishiki_takai-640x360.png
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv12031.xserver.jp
Software
nginx /
Resource Hash
b09648bdaba00278effdb4cfee27d8d77102d3a93575a9718cee4fe7c204b57b

Request headers

:path
/wp-content/uploads/2021/08/ishiki_takai-640x360.png
pragma
no-cache
cookie
_ga=GA1.2.2101536554.1629530059; _gid=GA1.2.1762009094.1629530059; _gat_gtag_UA_198018087_1=1; __gads=ID=36e73d697bdb05b0-22c5e0b8b1c9008c:T=1629530059:RT=1629530059:S=ALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ponta-money.work
referer
https://ponta-money.work/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:20 GMT
last-modified
Mon, 16 Aug 2021 16:49:44 GMT
server
nginx
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
157050
expires
Sun, 21 Aug 2022 07:14:20 GMT
point_happy_woman-640x360.png
ponta-money.work/wp-content/uploads/2021/08/ 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ponta-money.work/wp-content/uploads/2021/08/point_happy_woman-640x360.png
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv12031.xserver.jp
Software
nginx /
Resource Hash
bf5af1b082cec0c615b9bb2a8dce56e5f7ea9ef14f2897845dd7519779c8c834

Request headers

:path
/wp-content/uploads/2021/08/point_happy_woman-640x360.png
pragma
no-cache
cookie
_ga=GA1.2.2101536554.1629530059; _gid=GA1.2.1762009094.1629530059; _gat_gtag_UA_198018087_1=1; __gads=ID=36e73d697bdb05b0-22c5e0b8b1c9008c:T=1629530059:RT=1629530059:S=ALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ponta-money.work
referer
https://ponta-money.work/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:20 GMT
last-modified
Sun, 15 Aug 2021 06:29:34 GMT
server
nginx
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
155346
expires
Sun, 21 Aug 2022 07:14:20 GMT
money_fuyouhin_man_uru-640x360.png
ponta-money.work/wp-content/uploads/2020/07/ 		169 KB
169 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ponta-money.work/wp-content/uploads/2020/07/money_fuyouhin_man_uru-640x360.png
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv12031.xserver.jp
Software
nginx /
Resource Hash
41b2b8a681e4809974e473a14680715a99b7481fb6cec4120d8f799a8740a71b

Request headers

:path
/wp-content/uploads/2020/07/money_fuyouhin_man_uru-640x360.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ponta-money.work
referer
https://ponta-money.work/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:20 GMT
last-modified
Tue, 07 Jul 2020 13:48:37 GMT
server
nginx
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
172663
expires
Sun, 21 Aug 2022 07:14:20 GMT
takarakuji-640x360.png
ponta-money.work/wp-content/uploads/2021/08/ 		187 KB
188 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ponta-money.work/wp-content/uploads/2021/08/takarakuji-640x360.png
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv12031.xserver.jp
Software
nginx /
Resource Hash
903425490c1b5e8b5fcb5527ccfaf91c4b01b9f17f4ce6319f6947a4d3929722

Request headers

:path
/wp-content/uploads/2021/08/takarakuji-640x360.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ponta-money.work
referer
https://ponta-money.work/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:20 GMT
last-modified
Fri, 13 Aug 2021 12:24:41 GMT
server
nginx
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
191740
expires
Sun, 21 Aug 2022 07:14:20 GMT
cry_boy-526x360.png
ponta-money.work/wp-content/uploads/2021/08/ 		163 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ponta-money.work/wp-content/uploads/2021/08/cry_boy-526x360.png
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv12031.xserver.jp
Software
nginx /
Resource Hash
f05e46a34bf9cc6350fd9b37797b22cf7027ecaa3e06810b6a89f399867a117f

Request headers

:path
/wp-content/uploads/2021/08/cry_boy-526x360.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ponta-money.work
referer
https://ponta-money.work/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:20 GMT
last-modified
Thu, 12 Aug 2021 14:39:59 GMT
server
nginx
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
167358
expires
Sun, 21 Aug 2022 07:14:20 GMT
cool_japan-640x360.png
ponta-money.work/wp-content/uploads/2021/08/ 		297 KB
298 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ponta-money.work/wp-content/uploads/2021/08/cool_japan-640x360.png
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv12031.xserver.jp
Software
nginx /
Resource Hash
9f5348f5011726b3040005ebe5b95a773d639d4bd9876c6e9c982204d009ab61

Request headers

:path
/wp-content/uploads/2021/08/cool_japan-640x360.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ponta-money.work
referer
https://ponta-money.work/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:20 GMT
last-modified
Wed, 11 Aug 2021 14:45:25 GMT
server
nginx
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
304521
expires
Sun, 21 Aug 2022 07:14:20 GMT
all.min.css
ponta-money.work/wp-content/themes/cocoon-master/webfonts/fontawesome5/css/ 		57 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ponta-money.work/wp-content/themes/cocoon-master/webfonts/fontawesome5/css/all.min.css
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv12031.xserver.jp
Software
nginx /
Resource Hash
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

Request headers

:path
/wp-content/themes/cocoon-master/webfonts/fontawesome5/css/all.min.css
pragma
no-cache
cookie
_ga=GA1.2.2101536554.1629530059; _gid=GA1.2.1762009094.1629530059; _gat_gtag_UA_198018087_1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
ponta-money.work
referer
https://ponta-money.work/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:19 GMT
content-encoding
gzip
last-modified
Thu, 12 Aug 2021 14:21:03 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
expires
Sun, 21 Aug 2022 07:14:19 GMT
style.css
ponta-money.work/wp-content/themes/cocoon-master/webfonts/icomoon/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ponta-money.work/wp-content/themes/cocoon-master/webfonts/icomoon/style.css
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv12031.xserver.jp
Software
nginx /
Resource Hash
cfcc038eafff1dd7ea8508b07b03b46f1c0cc60fb0d3eb624bc1126b2a613e20

Request headers

:path
/wp-content/themes/cocoon-master/webfonts/icomoon/style.css
pragma
no-cache
cookie
_ga=GA1.2.2101536554.1629530059; _gid=GA1.2.1762009094.1629530059; _gat_gtag_UA_198018087_1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
ponta-money.work
referer
https://ponta-money.work/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:19 GMT
content-encoding
gzip
last-modified
Thu, 12 Aug 2021 14:21:04 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
expires
Sun, 21 Aug 2022 07:14:19 GMT
fontawesome5.css
ponta-money.work/wp-content/themes/cocoon-master/css/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ponta-money.work/wp-content/themes/cocoon-master/css/fontawesome5.css
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.3.2.32 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv12031.xserver.jp
Software
nginx /
Resource Hash
b02dfd272ecdd8b4736df5fb3e0704e64453255f40aa230037857243585101a8

Request headers

:path
/wp-content/themes/cocoon-master/css/fontawesome5.css
pragma
no-cache
cookie
_ga=GA1.2.2101536554.1629530059; _gid=GA1.2.1762009094.1629530059; _gat_gtag_UA_198018087_1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
ponta-money.work
referer
https://ponta-money.work/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:19 GMT
content-encoding
gzip
last-modified
Thu, 12 Aug 2021 14:21:03 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
expires
Sun, 21 Aug 2022 07:14:19 GMT
widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html
platform.twitter.com/widgets/ Frame 72EE 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fponta-money.work
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6752) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ponta-money.work/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ponta-money.work/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
214544
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sat, 21 Aug 2021 07:14:19 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Mon, 02 Aug 2021 20:33:53 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6752)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
settings
syndication.twitter.com/ Frame 72EE 		232 B
432 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=449ffc2d163deb5d8cfcf594b960d797195f1965
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fponta-money.work
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:18 GMT
content-encoding
gzip
last-modified
Sat, 21 Aug 2021 07:14:19 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
30c363b23f4ecaac3ebc5d98467680134dfc1562596ed0b50aabdc6a4f371959
content-length
166
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ponta-money.work
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9862775704499057&plah=ponta-money.work
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 21 Aug 2021 07:14:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ponta-money.work
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9862775704499057&plah=ponta-money.work
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 21 Aug 2021 07:14:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E73F 		101 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=280&adk=1549541974&adf=789705359&pi=t.aa~a.4263631882~rp.3&w=336&fwrn=4&fwrnh=100&lmt=1629494175&rafmt=1&to=qs&pwprc=6176317352&psa=0&format=336x280&url=https%3A%2F%2Fponta-money.work%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=2&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0&nras=2&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XMTT39p82B&p=https%3A//ponta-money.work&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9862775704499057&plah=ponta-money.work
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff9fbe68cfe94fe3e10cd1c2410d8a0aeeb454cf23a87ad9507303a1c3dda0ad
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPil-sLIwfICFRT7dwod87II9w&gqi=y6cgYc3INOa17_UP9quo2As&layout=/sadbundle/%24csp%253Der3%24/5442514344972767536/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9862775704499057&output=html&h=280&adk=1549541974&adf=789705359&pi=t.aa~a.4263631882~rp.3&w=336&fwrn=4&fwrnh=100&lmt=1629494175&rafmt=1&to=qs&pwprc=6176317352&psa=0&format=336x280&url=https%3A%2F%2Fponta-money.work%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=2&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0&nras=2&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XMTT39p82B&p=https%3A//ponta-money.work&dtd=7
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ponta-money.work/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ponta-money.work/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPil-sLIwfICFRT7dwod87II9w&gqi=y6cgYc3INOa17_UP9quo2As&layout=/sadbundle/%24csp%253Der3%24/5442514344972767536/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 21 Aug 2021 07:14:20 GMT
server
cafe
content-length
36436
x-xss-protection
0
set-cookie
IDE=AHWqTUkH61N6ZDhdnVhRrdtjSFllSLif4yjRsQSzsoO5CudFk_ydMLBaPRCKtMwucdI; expires=Thu, 15-Sep-2022 07:14:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 21 Aug 2021 07:14:20 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 7E98 		107 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=804&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280&nras=3&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=LH86NSVNDE&p=https%3A//ponta-money.work&dtd=13
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9862775704499057&plah=ponta-money.work
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78e9dc75ec93af16832a2bb6e3daabba14ee986bd98d66464cfce7f7c262b8f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=804&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280&nras=3&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=LH86NSVNDE&p=https%3A//ponta-money.work&dtd=13
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ponta-money.work/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ponta-money.work/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 21 Aug 2021 07:14:20 GMT
server
cafe
content-length
38487
x-xss-protection
0
set-cookie
IDE=AHWqTUlx7qaWHqXCorqImHOnEahxucSI26r_vzF3HRUt_eCh4HcHkolKYy2KahMRBG0; expires=Thu, 15-Sep-2022 07:14:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 21 Aug 2021 07:14:20 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame E5D4 		109 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YCCvEKhbdN&p=https%3A//ponta-money.work&dtd=15
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9862775704499057&plah=ponta-money.work
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3625b3a3e337cd2a973fe41d25c49d0b6489b3512277c4cce91677d1dbcf267
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YCCvEKhbdN&p=https%3A//ponta-money.work&dtd=15
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ponta-money.work/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ponta-money.work/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 21 Aug 2021 07:14:20 GMT
server
cafe
content-length
39000
x-xss-protection
0
set-cookie
IDE=AHWqTUnV-uypPUSoKPW_gOSxghPNWnH1y6EuJeC0u7C6QeKgI6yWbwpogsN9Pq-4dr4; expires=Thu, 15-Sep-2022 07:14:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 21 Aug 2021 07:14:20 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame FB18 		107 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=w52iZYyoUX&p=https%3A//ponta-money.work&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9862775704499057&plah=ponta-money.work
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c94d135a47e6edd9523cedde932517a84142c4ff4e4762d9018f3ac3ff500bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=w52iZYyoUX&p=https%3A//ponta-money.work&dtd=16
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ponta-money.work/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ponta-money.work/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 21 Aug 2021 07:14:20 GMT
server
cafe
content-length
38565
x-xss-protection
0
set-cookie
IDE=AHWqTUnDxwSNDcVV49e-AuOPGBeKYdIjgfRHnCLkQoIgMQBR9ZyyD49fvaAmvqYKcwM; expires=Thu, 15-Sep-2022 07:14:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 21 Aug 2021 07:14:20 GMT
cache-control
private
button.5d16ecc02fbaf599a24dfb57ab239320.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.5d16ecc02fbaf599a24dfb57ab239320.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/673A) /
Resource Hash
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e

Request headers

Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 21 Aug 2021 07:14:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Aug 2021 20:33:39 GMT
Server
ECS (frb/673A)
Age
214545
Etag
"6b95f5a9a2ff4b885e2eafdf446d70d0+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2296
follow_button.f88235f49a156f8b4cab34c7bc1a0acc.ja.html
platform.twitter.com/widgets/ Frame 0F4E 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/follow_button.f88235f49a156f8b4cab34c7bc1a0acc.ja.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/673A) /
Resource Hash
db472fb2602df1302e3037f408323a2526ef70c0912c0354309b57fe59d19297

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ponta-money.work/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ponta-money.work/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
214354
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sat, 21 Aug 2021 07:14:19 GMT
Etag
"7bbedeb3f951490fe07215cd8ca17db6+gzip"
Last-Modified
Mon, 02 Aug 2021 20:33:43 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/673A)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
14067
follow_button.f88235f49a156f8b4cab34c7bc1a0acc.ja.html
platform.twitter.com/widgets/ Frame E1AD 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/follow_button.f88235f49a156f8b4cab34c7bc1a0acc.ja.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/673A) /
Resource Hash
db472fb2602df1302e3037f408323a2526ef70c0912c0354309b57fe59d19297

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ponta-money.work/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ponta-money.work/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
214354
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sat, 21 Aug 2021 07:14:19 GMT
Etag
"7bbedeb3f951490fe07215cd8ca17db6+gzip"
Last-Modified
Mon, 02 Aug 2021 20:33:43 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/673A)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
14067
truncated
/ Frame 0F4E 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
jot.html
platform.twitter.com/ Frame 5E61
Redirect Chain
  • https://syndication.twitter.com/i/jot
  • https://platform.twitter.com/jot.html
80 B
571 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/jot.html
Requested by
Host: ponta-money.work
URL: https://ponta-money.work/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/673A) /
Resource Hash
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
https://ponta-money.work
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
214546
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sat, 21 Aug 2021 07:14:20 GMT
Etag
"d9592a6c704736fa4da218d4357976dd"
Last-Modified
Mon, 02 Aug 2021 20:34:56 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/673A)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
80

Redirect headers

date
Sat, 21 Aug 2021 07:14:20 GMT
pragma
no-cache
server
tsa_o
status
302 Found
expires
Tue, 31 Mar 1981 05:00:00 GMT
location
https://platform.twitter.com/jot.html
content-type
text/html;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified
Sat, 21 Aug 2021 07:14:20 GMT
x-transaction
4722b2d93748b771
content-length
0
x-frame-options
SAMEORIGIN
x-xss-protection
0
x-content-type-options
nosniff
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
x-connection-hash
30c363b23f4ecaac3ebc5d98467680134dfc1562596ed0b50aabdc6a4f371959
css
fonts.googleapis.com/ Frame 7E98 		8 KB
809 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=804&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280&nras=3&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=LH86NSVNDE&p=https%3A//ponta-money.work&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 21 Aug 2021 06:38:56 GMT
server
ESF
date
Sat, 21 Aug 2021 07:14:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 21 Aug 2021 07:14:20 GMT
css
fonts.googleapis.com/ Frame 7E98 		116 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:300,400,500,700&text=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=804&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280&nras=3&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=LH86NSVNDE&p=https%3A//ponta-money.work&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e6a5a122b16dafe6bc413c43f8234317c1b2d29333dd3444f9e0c20a84261c13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 21 Aug 2021 07:14:20 GMT
server
ESF
date
Sat, 21 Aug 2021 07:14:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 21 Aug 2021 07:14:20 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 7E98 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=804&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280&nras=3&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=LH86NSVNDE&p=https%3A//ponta-money.work&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f7518bdbb2f1de962712e98d51270975c9ae40f5fa9c82d0803f47023c0f904
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 16:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53418
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12648
x-xss-protection
0
server
cafe
etag
3919984641620196875
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 16:24:02 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame 7E98 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=804&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280&nras=3&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=LH86NSVNDE&p=https%3A//ponta-money.work&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 00:40:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23615
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
11770686601635027189
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Sep 2021 00:40:45 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 7E98 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=804&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280&nras=3&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=LH86NSVNDE&p=https%3A//ponta-money.work&dtd=13
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 04:23:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10239
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Sep 2021 04:23:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7E98 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=804&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280&nras=3&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=LH86NSVNDE&p=https%3A//ponta-money.work&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:20 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458990649126"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38246
x-xss-protection
0
expires
Sat, 21 Aug 2021 07:14:20 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 7E98 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=804&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280&nras=3&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=LH86NSVNDE&p=https%3A//ponta-money.work&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 16:32:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52937
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 16:32:03 GMT
l
www.google.com/ads/measurement/ Frame 7E98 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ3BnfTAjoLMKPp6XeBtcFIynrlqiO4dn4apTPc4AZEltVxr8b_6v2a3ykAd_mLVPk2_sL6
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=804&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280&nras=3&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=LH86NSVNDE&p=https%3A//ponta-money.work&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
css
fonts.googleapis.com/ Frame E5D4 		8 KB
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YCCvEKhbdN&p=https%3A//ponta-money.work&dtd=15
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 21 Aug 2021 06:34:51 GMT
server
ESF
date
Sat, 21 Aug 2021 07:14:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 21 Aug 2021 07:14:20 GMT
css
fonts.googleapis.com/ Frame E5D4 		116 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:300,400,500,700&text=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YCCvEKhbdN&p=https%3A//ponta-money.work&dtd=15
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e6a5a122b16dafe6bc413c43f8234317c1b2d29333dd3444f9e0c20a84261c13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 21 Aug 2021 07:14:19 GMT
server
ESF
date
Sat, 21 Aug 2021 07:14:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 21 Aug 2021 07:14:20 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame E5D4 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YCCvEKhbdN&p=https%3A//ponta-money.work&dtd=15
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f7518bdbb2f1de962712e98d51270975c9ae40f5fa9c82d0803f47023c0f904
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 16:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53418
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12648
x-xss-protection
0
server
cafe
etag
3919984641620196875
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 16:24:02 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame E5D4 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YCCvEKhbdN&p=https%3A//ponta-money.work&dtd=15
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 00:40:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23615
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
11770686601635027189
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Sep 2021 00:40:45 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame E5D4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YCCvEKhbdN&p=https%3A//ponta-money.work&dtd=15
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 04:23:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10239
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Sep 2021 04:23:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E5D4 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YCCvEKhbdN&p=https%3A//ponta-money.work&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:20 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458990649126"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38246
x-xss-protection
0
expires
Sat, 21 Aug 2021 07:14:20 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame E5D4 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YCCvEKhbdN&p=https%3A//ponta-money.work&dtd=15
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 16:32:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52937
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 16:32:03 GMT
l
www.google.com/ads/measurement/ Frame E5D4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTNR0q2ndYsvsxmDcpw935DRTqHwxFdJSoaHvP3CdqtMJwSRrSt4gMKls0X7Hfm6tb7r-V2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YCCvEKhbdN&p=https%3A//ponta-money.work&dtd=15
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
css
fonts.googleapis.com/ Frame FB18 		8 KB
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=ja
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=w52iZYyoUX&p=https%3A//ponta-money.work&dtd=16
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 21 Aug 2021 07:14:20 GMT
server
ESF
date
Sat, 21 Aug 2021 07:14:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 21 Aug 2021 07:14:20 GMT
css
fonts.googleapis.com/ Frame FB18 		116 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:300,400,500,700&text=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=w52iZYyoUX&p=https%3A//ponta-money.work&dtd=16
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e6a5a122b16dafe6bc413c43f8234317c1b2d29333dd3444f9e0c20a84261c13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 21 Aug 2021 07:14:20 GMT
server
ESF
date
Sat, 21 Aug 2021 07:14:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 21 Aug 2021 07:14:20 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame FB18 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=w52iZYyoUX&p=https%3A//ponta-money.work&dtd=16
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f7518bdbb2f1de962712e98d51270975c9ae40f5fa9c82d0803f47023c0f904
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 16:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53418
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12648
x-xss-protection
0
server
cafe
etag
3919984641620196875
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 16:24:02 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame FB18 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=w52iZYyoUX&p=https%3A//ponta-money.work&dtd=16
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 00:40:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23615
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
11770686601635027189
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Sep 2021 00:40:45 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame FB18 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=w52iZYyoUX&p=https%3A//ponta-money.work&dtd=16
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 04:23:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10239
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Sep 2021 04:23:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FB18 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=w52iZYyoUX&p=https%3A//ponta-money.work&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:20 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458990649126"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38246
x-xss-protection
0
expires
Sat, 21 Aug 2021 07:14:20 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame FB18 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=w52iZYyoUX&p=https%3A//ponta-money.work&dtd=16
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 16:32:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52937
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 16:32:03 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/11042433545565097477/ Frame 7E98 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11042433545565097477/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIvwIQpwEYASABLQAAAD8wwAI4pwFFAACAPw&rs=AOga4qlDGEFJRd7AN8qOU7-QKDyNUX3U_A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=804&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280&nras=3&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=LH86NSVNDE&p=https%3A//ponta-money.work&dtd=13
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
298aa3a2a980c193b95212650dc795983fdfc05a36192f0407618e4a06e5aa7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 11:37:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 07:36:38 GMT
server
sffe
age
502583
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8338
x-xss-protection
0
expires
Mon, 15 Aug 2022 11:37:57 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 7E98 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CKboSy6cgYbbENdS13gP4j6-4D-aO9f9isvaSg_YMi8nY_IsaEAEgoYnAdGCVAqAB75Db-QLIAQapAjDVE-QdobM-qAMByAPLBKoEuwFP0FBmI9DC1onWpcZFxKJNtjJrV4_SWxuQghY5J6XseHS1b2mv12BcEdLVMF2vfpXABNJCat9T5MDLO9P9Vw9988n59VwyZhKNZBjYScWg4cZB-oDiEoJfvVB_NmneX8eX6VFyU7As4v-FASr5pLSmXrjF0BdLvM-vmjVELzyfIDW6jTLhngSn2SciLQ5NRGtcNcvJhO8YGzdldE-b3Eud1ujpd7bhkxxwhAC-r3z3dqe2G1w438c9UBmOwATn85SfsgKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AH-e6khgGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQo_IQ0ggJCIDhgHAQARgfgAoByAsB2BMMiBQJ0BUBmBYBgBcBshccChoIABIUcHViLTk4NjI3NzU3MDQ0OTkwNTcYAA&sigh=PROzfVZuHWU&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=804&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280&nras=3&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=LH86NSVNDE&p=https%3A//ponta-money.work&dtd=13
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=804&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280&nras=3&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=LH86NSVNDE&p=https%3A//ponta-money.work&dtd=13
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 21 Aug 2021 07:14:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 595B 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=804&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280&nras=3&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=LH86NSVNDE&p=https%3A//ponta-money.work&dtd=13
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=804&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280&nras=3&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=LH86NSVNDE&p=https%3A//ponta-money.work&dtd=13
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnDxwSNDcVV49e-AuOPGBeKYdIjgfRHnCLkQoIgMQBR9ZyyD49fvaAmvqYKcwM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=804&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280&nras=3&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=LH86NSVNDE&p=https%3A//ponta-money.work&dtd=13

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 21 Aug 2021 06:42:58 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1882
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 7E98 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 17:17:27 GMT
x-content-type-options
nosniff
age
309413
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 17:17:27 GMT
-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.119.woff2
fonts.gstatic.com/s/notosansjp/v28/ Frame 7E98 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosansjp/v28/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:300,400,500,700&text=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
839c37491e75f874f27d008facea2ca67a0ee1ac4b4cf08cea849cd867f8a481
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 11:56:39 GMT
x-content-type-options
nosniff
age
328661
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51132
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:33:20 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 11:56:39 GMT
truncated
/ Frame 7E98 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c68063a6877cae1e1138e5f19d7387a2e03369872dd32374cd7abadc82780f2d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
downsize_200k_v1
tpc.googlesyndication.com/simgad/17825095132364817297/ Frame E5D4 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17825095132364817297/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIvwIQpwEYASABLQAAAD8wwAI4pwFFAACAPw&rs=AOga4qkiPCy3wXqc_hRP2NKKoCpnTOY06g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YCCvEKhbdN&p=https%3A//ponta-money.work&dtd=15
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0093e0651b8cabd3f144e8858f7219cdb247097fb41114ccdabb61879b723609
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 24 Jun 2019 12:37:43 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7755
x-xss-protection
0
expires
Sun, 21 Aug 2022 07:14:20 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E5D4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CfOQzy6cgYZzNNZaNjuwP5r-cqA3v6ZadY7iWpvTtC_zBtauuARABIKGJwHRglQKgAbWRh-oDyAEGqQIw1RPkHaGzPqgDAcgDywSqBLQBT9DJe6iw2eTR7g6pQ8wMiKohwYfKh3lB_9mXkcAKOURdP-O_5jbMjhOavlXqFjBL1CSIlP6SgE-gdmRoxWoTtEOxvDYoouPYJK608XHgyrPXB1v9-qrs917Fsa69nb0fUILUxb0OBPZ4Ml1d_4kXUJ9HtrkzNmPhtK-3cG8BDtvIz9PVlQLUItORgwbsUV3EdAYAXYi8r5otSZ9pFuvCeWzEYOS87I7ci_UX-DTpQrkg0smLwASTvdCn8AKSBQQIBBgBkgUECAUYBKAGN4AHs-74FagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDY-CDSCAkIgOGAcBABGB-ACgHICwHYEw2IFALQFQGYFgGAFwGyFxwKGggAEhRwdWItOTg2Mjc3NTcwNDQ5OTA1NxgA&sigh=zdPvWoyqDQI&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YCCvEKhbdN&p=https%3A//ponta-money.work&dtd=15
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YCCvEKhbdN&p=https%3A//ponta-money.work&dtd=15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 21 Aug 2021 07:14:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 28B6 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YCCvEKhbdN&p=https%3A//ponta-money.work&dtd=15
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YCCvEKhbdN&p=https%3A//ponta-money.work&dtd=15
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkH61N6ZDhdnVhRrdtjSFllSLif4yjRsQSzsoO5CudFk_ydMLBaPRCKtMwucdI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YCCvEKhbdN&p=https%3A//ponta-money.work&dtd=15

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 21 Aug 2021 06:42:58 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1882
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
downsize_200k_v1
tpc.googlesyndication.com/simgad/10883257406420247631/ Frame FB18 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10883257406420247631/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIvwIQpwEYASABLQAAAD8wwAI4pwFFAACAPw&rs=AOga4qm7XmU7P7ivsoO_-Ivaje6CGDb7Hg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=w52iZYyoUX&p=https%3A//ponta-money.work&dtd=16
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10c1f47cd36a7f93d4e4170a8a60da36689e2d1f9cd9a9daf3286dd11f441992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:20 GMT
x-content-type-options
nosniff
last-modified
Fri, 16 Jul 2021 04:15:43 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26459
x-xss-protection
0
expires
Sun, 21 Aug 2022 07:14:20 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame FB18 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CujjRy6cgYYXmNZft3wPdlLWgCcXQ88hkroaRvaMOChABIKGJwHRglQKgAebCwKIDyAEGqQLGcydRkY9DPqgDAcgDywSqBLUBT9DUTajEoG3uG7kqd2yj-x5PPKthQ72PAZKTchPfLpcGXiBaznfHge5w4fWQ3fXOvdmigf86rRsGDzqbgbJADwvpeapmmOACfz5tqM0pg5urvlIGt7BRD1Z7b6G7R2D56-NeHH67LnPN_O9YPoOMBbeI5qWwyVzaIwdjV6Mn4NJnCO7jrji0_3SZAXscI7vXw5P9pjF0EjTFJ1RYZlLczRxyx6SnTq9Iv-w6pIPsW9K5fQtWrMAEsYzg-J0DkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB4K9v12oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQy_8I0ggJCIDhgHAQARgfgAoByAsB2BML0BUBmBYBgBcBshccChoIABIUcHViLTk4NjI3NzU3MDQ0OTkwNTcYAA&sigh=bQ3fGA6KIxc&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=w52iZYyoUX&p=https%3A//ponta-money.work&dtd=16
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=w52iZYyoUX&p=https%3A//ponta-money.work&dtd=16
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 21 Aug 2021 07:14:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame C916 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=w52iZYyoUX&p=https%3A//ponta-money.work&dtd=16
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=w52iZYyoUX&p=https%3A//ponta-money.work&dtd=16
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkH61N6ZDhdnVhRrdtjSFllSLif4yjRsQSzsoO5CudFk_ydMLBaPRCKtMwucdI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=w52iZYyoUX&p=https%3A//ponta-money.work&dtd=16

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 21 Aug 2021 06:42:58 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1882
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame E5D4 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f48e705fb0dbf74cb8e6f986deebb22efdc6794c6044e030f0873edb2e787bc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame E5D4 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 17:17:27 GMT
x-content-type-options
nosniff
age
309413
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 17:17:27 GMT
-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.119.woff2
fonts.gstatic.com/s/notosansjp/v28/ Frame E5D4 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosansjp/v28/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:300,400,500,700&text=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
839c37491e75f874f27d008facea2ca67a0ee1ac4b4cf08cea849cd867f8a481
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 11:56:39 GMT
x-content-type-options
nosniff
age
328661
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51132
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:33:20 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 11:56:39 GMT
truncated
/ Frame FB18 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbac748ed8f03fd94f7e0b2f2fa80891e85adce7be0c974da9b7812060f7511c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame FB18 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=ja
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 17:17:27 GMT
x-content-type-options
nosniff
age
309413
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 17:17:27 GMT
-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.119.woff2
fonts.gstatic.com/s/notosansjp/v28/ Frame FB18 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosansjp/v28/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:300,400,500,700&text=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
839c37491e75f874f27d008facea2ca67a0ee1ac4b4cf08cea849cd867f8a481
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 11:56:39 GMT
x-content-type-options
nosniff
age
328661
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51132
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:33:20 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 11:56:39 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame E73F 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=280&adk=1549541974&adf=789705359&pi=t.aa~a.4263631882~rp.3&w=336&fwrn=4&fwrnh=100&lmt=1629494175&rafmt=1&to=qs&pwprc=6176317352&psa=0&format=336x280&url=https%3A%2F%2Fponta-money.work%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=2&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0&nras=2&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XMTT39p82B&p=https%3A//ponta-money.work&dtd=7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 00:40:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23615
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
11770686601635027189
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Sep 2021 00:40:45 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame E73F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=280&adk=1549541974&adf=789705359&pi=t.aa~a.4263631882~rp.3&w=336&fwrn=4&fwrnh=100&lmt=1629494175&rafmt=1&to=qs&pwprc=6176317352&psa=0&format=336x280&url=https%3A%2F%2Fponta-money.work%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=2&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0&nras=2&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XMTT39p82B&p=https%3A//ponta-money.work&dtd=7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 04:23:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10239
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Sep 2021 04:23:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E73F 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=280&adk=1549541974&adf=789705359&pi=t.aa~a.4263631882~rp.3&w=336&fwrn=4&fwrnh=100&lmt=1629494175&rafmt=1&to=qs&pwprc=6176317352&psa=0&format=336x280&url=https%3A%2F%2Fponta-money.work%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=2&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0&nras=2&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XMTT39p82B&p=https%3A//ponta-money.work&dtd=7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:20 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458990649126"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38246
x-xss-protection
0
expires
Sat, 21 Aug 2021 07:14:20 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame E73F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=280&adk=1549541974&adf=789705359&pi=t.aa~a.4263631882~rp.3&w=336&fwrn=4&fwrnh=100&lmt=1629494175&rafmt=1&to=qs&pwprc=6176317352&psa=0&format=336x280&url=https%3A%2F%2Fponta-money.work%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=2&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0&nras=2&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XMTT39p82B&p=https%3A//ponta-money.work&dtd=7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 16:32:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52937
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 16:32:03 GMT
l
www.google.com/ads/measurement/ Frame E73F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTTVlWscmxAgr1tcFSCSav0VYGyTVaAeiC5TQGysG2AbDF5JQfe3b0lo0vZ9uTvHjrCD63S
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=280&adk=1549541974&adf=789705359&pi=t.aa~a.4263631882~rp.3&w=336&fwrn=4&fwrnh=100&lmt=1629494175&rafmt=1&to=qs&pwprc=6176317352&psa=0&format=336x280&url=https%3A%2F%2Fponta-money.work%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=2&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0&nras=2&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XMTT39p82B&p=https%3A//ponta-money.work&dtd=7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/ Frame C27B 		11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=280&adk=1549541974&adf=789705359&pi=t.aa~a.4263631882~rp.3&w=336&fwrn=4&fwrnh=100&lmt=1629494175&rafmt=1&to=qs&pwprc=6176317352&psa=0&format=336x280&url=https%3A%2F%2Fponta-money.work%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=2&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0&nras=2&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XMTT39p82B&p=https%3A//ponta-money.work&dtd=7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dd3fa0ac0babf2ccc9285caa721a145c225a7d5207e9a662f32bf6e8b99e56e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/5442514344972767536/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2960
date
Mon, 16 Aug 2021 22:41:39 GMT
expires
Tue, 16 Aug 2022 22:41:39 GMT
last-modified
Thu, 11 Feb 2021 09:56:43 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
376361
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame E73F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CojUVy6cgYbiUNZT23wPz5aK4D6CykfZjxqqD3qsN8O3Ex50WEAEgoYnAdGCVAqABo9awxAPIAQmpAjDVE-QdobM-qAMByANIqgS5AU_Q951iaAgMd1R2EPW4uPWnLfTU814MnuoTk_6_fiEbVEX5KD9sFKk8pPJLeIyBDK9ssrAA4IvSUNte0y2HuCGOfdiuO8BO_yIYq5iX-XsUOS15-jzAZwguSuZCbSAcsWH_t45LtRpududfOlRfyqi_zKB2GR_6InRy1nVvntwtOv6HFSPjXqI0Y7yg-SUCN4NXixexKXl3LoETa2ZTefD1818WlvW4QlZ4fmxMsqzAx-68dughh-4owATHz7S-sgKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHxanPO6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDOyy7SCAkIgOGAcBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItOTg2Mjc3NTcwNDQ5OTA1NxgA&sigh=xzEfclMVUjU&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=280&adk=1549541974&adf=789705359&pi=t.aa~a.4263631882~rp.3&w=336&fwrn=4&fwrnh=100&lmt=1629494175&rafmt=1&to=qs&pwprc=6176317352&psa=0&format=336x280&url=https%3A%2F%2Fponta-money.work%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=2&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0&nras=2&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XMTT39p82B&p=https%3A//ponta-money.work&dtd=7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=280&adk=1549541974&adf=789705359&pi=t.aa~a.4263631882~rp.3&w=336&fwrn=4&fwrnh=100&lmt=1629494175&rafmt=1&to=qs&pwprc=6176317352&psa=0&format=336x280&url=https%3A%2F%2Fponta-money.work%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=2&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0&nras=2&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XMTT39p82B&p=https%3A//ponta-money.work&dtd=7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 21 Aug 2021 07:14:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 595B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=804&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280&nras=3&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=LH86NSVNDE&p=https%3A//ponta-money.work&dtd=13
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkH61N6ZDhdnVhRrdtjSFllSLif4yjRsQSzsoO5CudFk_ydMLBaPRCKtMwucdI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 21 Aug 2021 07:14:20 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 21-Aug-2021 08:14:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 21 Aug 2021 07:14:20 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 21 Aug 2021 07:14:20 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js
pagead2.googlesyndication.com/bg/ Frame FA38 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2207523636&pi=t.aa~a.1973649769~rp.4&w=800&lmt=1629494175&nsk=9951695f&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=804&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280&nras=3&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=LH86NSVNDE&p=https%3A//ponta-money.work&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6e0cf33bd31faca2542d9376cc2a8b9722904e24cc4d3bfc121048e46c244ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 22:20:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
118430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13303
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 Aug 2022 22:20:30 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame EBCE 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=280&adk=1549541974&adf=789705359&pi=t.aa~a.4263631882~rp.3&w=336&fwrn=4&fwrnh=100&lmt=1629494175&rafmt=1&to=qs&pwprc=6176317352&psa=0&format=336x280&url=https%3A%2F%2Fponta-money.work%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=2&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0&nras=2&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XMTT39p82B&p=https%3A//ponta-money.work&dtd=7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=280&adk=1549541974&adf=789705359&pi=t.aa~a.4263631882~rp.3&w=336&fwrn=4&fwrnh=100&lmt=1629494175&rafmt=1&to=qs&pwprc=6176317352&psa=0&format=336x280&url=https%3A%2F%2Fponta-money.work%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=2&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0&nras=2&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XMTT39p82B&p=https%3A//ponta-money.work&dtd=7
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkH61N6ZDhdnVhRrdtjSFllSLif4yjRsQSzsoO5CudFk_ydMLBaPRCKtMwucdI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=280&adk=1549541974&adf=789705359&pi=t.aa~a.4263631882~rp.3&w=336&fwrn=4&fwrnh=100&lmt=1629494175&rafmt=1&to=qs&pwprc=6176317352&psa=0&format=336x280&url=https%3A%2F%2Fponta-money.work%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=2&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0&nras=2&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XMTT39p82B&p=https%3A//ponta-money.work&dtd=7

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 21 Aug 2021 06:42:58 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1882
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 28B6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YCCvEKhbdN&p=https%3A//ponta-money.work&dtd=15
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkH61N6ZDhdnVhRrdtjSFllSLif4yjRsQSzsoO5CudFk_ydMLBaPRCKtMwucdI; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 21 Aug 2021 07:14:20 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 21-Aug-2021 08:14:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 21 Aug 2021 07:14:20 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 21 Aug 2021 07:14:20 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame C916
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=w52iZYyoUX&p=https%3A//ponta-money.work&dtd=16
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkH61N6ZDhdnVhRrdtjSFllSLif4yjRsQSzsoO5CudFk_ydMLBaPRCKtMwucdI; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 21 Aug 2021 07:14:20 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 21-Aug-2021 08:14:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 21 Aug 2021 07:14:20 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 21 Aug 2021 07:14:20 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js
pagead2.googlesyndication.com/bg/ Frame 8170 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=2222677793&pi=t.aa~a.1973651931~rp.4&w=800&lmt=1629494175&nsk=e74c1219&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207&nras=4&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=YCCvEKhbdN&p=https%3A//ponta-money.work&dtd=15
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6e0cf33bd31faca2542d9376cc2a8b9722904e24cc4d3bfc121048e46c244ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 22:20:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
118430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13303
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 Aug 2022 22:20:30 GMT
1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js
pagead2.googlesyndication.com/bg/ Frame 3632 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=207&adk=1006193736&adf=3761430862&pi=t.aa~a.1973662632~rp.4&w=800&lmt=1629494175&nsk=a01919ac&rafmt=11&pwprc=6176317352&psa=0&ad_type=text_image&format=800x207&url=https%3A%2F%2Fponta-money.work%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=1&bdt=805&idt=0&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0%2C336x280%2C800x207%2C800x207&nras=5&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=w52iZYyoUX&p=https%3A//ponta-money.work&dtd=16
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6e0cf33bd31faca2542d9376cc2a8b9722904e24cc4d3bfc121048e46c244ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 22:20:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
118430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13303
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 Aug 2022 22:20:30 GMT
truncated
/ Frame E73F 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e72bd5add5885585618d01f8a163bb110a7bcb847918ea15b6a4d65e5b48e824

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame C27B 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 19:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41910
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 21 Aug 2021 19:35:50 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C27B 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 12:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67007
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 21 Aug 2021 12:37:33 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame C27B 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Aug 2021 07:14:20 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame EBCE
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862775704499057&output=html&h=280&adk=1549541974&adf=789705359&pi=t.aa~a.4263631882~rp.3&w=336&fwrn=4&fwrnh=100&lmt=1629494175&rafmt=1&to=qs&pwprc=6176317352&psa=0&format=336x280&url=https%3A%2F%2Fponta-money.work%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629530059846&bpp=2&bdt=805&idt=-M&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D36e73d697bdb05b0-22c5e0b8b1c9008c%3AT%3D1629530059%3ART%3D1629530059%3AS%3DALNI_MZ_krwyrEFoZ_M-5Qfk7PLZshbl3w&prev_fmts=0x0&nras=2&correlator=222149952873&frm=20&pv=1&ga_vid=2101536554.1629530059&ga_sid=1629530059&ga_hid=210343986&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C20211866%2C31062179%2C31062297&oid=3&pvsid=4361948685469017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XMTT39p82B&p=https%3A//ponta-money.work&dtd=7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkH61N6ZDhdnVhRrdtjSFllSLif4yjRsQSzsoO5CudFk_ydMLBaPRCKtMwucdI; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 21 Aug 2021 07:14:20 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 21-Aug-2021 08:14:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 21 Aug 2021 07:14:20 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 21 Aug 2021 07:14:20 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
imagesuv0myt5eb1rnnbxsp1ds.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/ Frame C27B 		906 B
933 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/imagesuv0myt5eb1rnnbxsp1ds.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a9ff3f6b8d132ef3022c28d875ab2217b7b35259a6bfd10b8e56b4b87046019
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
289901
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
906
x-xss-protection
0
last-modified
Thu, 11 Feb 2021 09:56:43 GMT
server
sffe
date
Tue, 17 Aug 2021 22:42:39 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 22:42:39 GMT
1ad6b5aa39cdeb703ff094f477328c96.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/ Frame C27B 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/1ad6b5aa39cdeb703ff094f477328c96.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
953ad5605189ea38166999307dd0641b5a3c42d4bd1dfd183848143c3fc2252b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
289901
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38697
x-xss-protection
0
last-modified
Thu, 11 Feb 2021 09:56:43 GMT
server
sffe
date
Tue, 17 Aug 2021 22:42:39 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 22:42:39 GMT
1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js
pagead2.googlesyndication.com/bg/ Frame C27B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6e0cf33bd31faca2542d9376cc2a8b9722904e24cc4d3bfc121048e46c244ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 22:20:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
118430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13303
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 Aug 2022 22:20:30 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210812&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9862775704499057&plah=ponta-money.work
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94e133e07be875a50d5cdd7202ed8c2e222f2c5fc47745c22d459c6f2ddcad06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 21 Aug 2021 07:14:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8620
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9862775704499057&plah=ponta-money.work
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 07:14:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Sat, 21 Aug 2021 07:14:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F1F6 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ponta-money.work/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ponta-money.work/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 20 Aug 2021 18:33:19 GMT
expires
Sat, 20 Aug 2022 18:33:19 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
45662
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame DB55 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bde2388cf8d209a84ac016eec745d9930809851c9885525cfc85fdfda17cc178
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5pXlLTIh119LLdE9xJr/9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ponta-money.work/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ponta-money.work/

Response headers

expires
Sat, 21 Aug 2021 07:14:21 GMT
date
Sat, 21 Aug 2021 07:14:21 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-5pXlLTIh119LLdE9xJr/9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js
pagead2.googlesyndication.com/bg/ Frame F1F6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6e0cf33bd31faca2542d9376cc2a8b9722904e24cc4d3bfc121048e46c244ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 22:20:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
118431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13303
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 Aug 2022 22:20:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210812&jk=4361948685469017&bg=!6Oul66_NAAZvV8FTb1c7ACkAdvg8WodvtsgCAZxgo_DD7NGyPv41Cu_2_lwIYag86GOYVvT6izg7ngIAAAA2UgAAAAxoAQeZAoqqeJsUHIZ0-R8o83QOAUvqUjtRrYkUVmkGdPc3ZJ3ZaNigiePnf4U9sG8XHg83X9aJYsIAFsqw7-wbDyMdPPgS2oAxs0eSdqY4-Six2XyDE_JkfXiqXdvLPYjx7tOE0pJ7Xy5x3L8_dbQD5QaW8pki15vHdP9BQjbfM6Z0E1mNiayhw9VZ3UilDCpWyx-FnWrI5t8MeT6fwXgAkmehVEPwtpZLlQFaxqEHxEDympeZhylZXsvIxfziHIpIJlXridIWLwzlVIbQ5d1M_9rBB9RC66Gm5cs6Gupj6Jnaxbhr3InVq3wdFBZcWFaowF8IhUx6kT5Rt2tjuESRRJVelmEv_zM0yEMAciXZ1muIzPrF3QwxNwwixkYjPA6tbROjp8p4TAxaHuzOEsZRiU2SPeHWIwG1dfVe6pJ9Iv5IMPyMTr1-6n7BrebyqqOO2vZdLrnNjr8_ZY5RZFQ_P9dhfi-vCe53v7juB_WgrynhSCYG7UMHcJP6kdXhJCqX-WXUEc2HOEQJq0cG6XIct22pekH3QD0Do_ptltr7u1HiqP3iWySJRTG-XZg8H2qJBtltelJqa8K9LikZQOXYHT7VSGQd2Dy9k6Wv5PCqT6ugGvXapI7QP5l4FkHN04l033PcG5dKWGC9Uk4JIJ_FK6ZGbk2XmRFVquzx31vEGCH9NtgYUF9KHPt_I8jS-UTRKB00002riKjG63kvW2E7lscUmr1jOSqLNNxYxYD4HNrwSiJvBzij7N3x7FACeKQjcXdPrZHel3HUa4AwrKpPKk1jX9Hz15vWtLZrv9dxWsxpaSxHp5Kt_D7VewvdTP6K_xpDvYn1lPv-K6TQMfMzMj3jdLPio-55Uo8s6rm5UQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ponta-money.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Aug 2021 07:14:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| galite object| adsbygoogle function| $ function| jQuery function| gtag object| dataLayer object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async string| google_user_agent_client_hint object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl function| google_spfd number| google_unique_id object| google_sv_map object| google_jobrunner object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| loadWebFont function| lozad object| cocoon_localize_script_options string| selector object| __twttrll object| twttr object| __twttr function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb number| google_lpabyc object| googletag object| GoogleGcLKhOms object| google_image_requests

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUkH61N6ZDhdnVhRrdtjSFllSLif4yjRsQSzsoO5CudFk_ydMLBaPRCKtMwucdI

3 Console Messages

Source Level URL
Text
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.1/jquery-migrate.min.js?ver=3.0.1(Line 33)
Message:
JQMIGRATE: Migrate is installed, version 3.0.1
console-api log URL: https://ponta-money.work/(Line 19)
Message:
ServiceWorker registration successful with scope: https://ponta-money.work/
console-api log URL: https://ponta-money.work/(Line 22)
Message:
ServiceWorker update successful

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
cdn.blog.st-hatena.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cocablog.site
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i2.wp.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
ponta-money.work
s0.2mdn.net
syndication.twitter.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.ponta-money.work
zubosiba.com
103.3.2.32
104.244.42.72
142.250.184.226
183.181.84.135
183.181.84.69
192.0.77.2
2.18.234.65
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:135e
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a04:4e42:3::485
0093e0651b8cabd3f144e8858f7219cdb247097fb41114ccdabb61879b723609
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
0a9ff3f6b8d132ef3022c28d875ab2217b7b35259a6bfd10b8e56b4b87046019
0f576e6da409208815ca5163836e92afddf8346797705a0902161ba840040116
10c1f47cd36a7f93d4e4170a8a60da36689e2d1f9cd9a9daf3286dd11f441992
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1743b54e611ae08f0ddb89d8d1bc9ae7d78feacbd672c86a5f5bb3c1a582e05e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
298aa3a2a980c193b95212650dc795983fdfc05a36192f0407618e4a06e5aa7f
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e
3f7518bdbb2f1de962712e98d51270975c9ae40f5fa9c82d0803f47023c0f904
4127b48be4434fdef1643c23f88bf9d4f782500774773c4ec8a56d9e607e0b01
41b2b8a681e4809974e473a14680715a99b7481fb6cec4120d8f799a8740a71b
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
51c82a45def57f7d137067d508bdd79be096b85eda834315f5c4ebcca8fec3a7
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5648ace9fd42b6d8bd1c74e31ffb0f9527826877457fe064790f048b37c07fce
5a858d60bf50b0108d2dcfe8351f694c425d811615e2588e659030050693eb50
5c94d135a47e6edd9523cedde932517a84142c4ff4e4762d9018f3ac3ff500bb
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
5f48e705fb0dbf74cb8e6f986deebb22efdc6794c6044e030f0873edb2e787bc
66c47e95e2ac18d9e71b1eeb1664d31499133817fa93ea09cde1c228eb13a137
6743649c9f9a466a1d18445a11e0b85f6bb5cf958637f996af0ea5b755b716ff
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dd3fa0ac0babf2ccc9285caa721a145c225a7d5207e9a662f32bf6e8b99e56e
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
78e9dc75ec93af16832a2bb6e3daabba14ee986bd98d66464cfce7f7c262b8f9
7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf
7c47876d0ea888f37089a5b2ce560adb8347b58f0627383874313e1a514194c4
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839c37491e75f874f27d008facea2ca67a0ee1ac4b4cf08cea849cd867f8a481
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
87867176efe3326b0bb4caca2ad02723286a18205090923f332930aa12c44342
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
903425490c1b5e8b5fcb5527ccfaf91c4b01b9f17f4ce6319f6947a4d3929722
94e133e07be875a50d5cdd7202ed8c2e222f2c5fc47745c22d459c6f2ddcad06
953ad5605189ea38166999307dd0641b5a3c42d4bd1dfd183848143c3fc2252b
9f5348f5011726b3040005ebe5b95a773d639d4bd9876c6e9c982204d009ab61
a33fad02887bffcc21ba25782e3472bbc8474c87b06b88aaf890333ec9804e0d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
aa8b2a449f4bd08d60d370bc75b02f2720022e93842a7118f74cec199975a195
b02dfd272ecdd8b4736df5fb3e0704e64453255f40aa230037857243585101a8
b09648bdaba00278effdb4cfee27d8d77102d3a93575a9718cee4fe7c204b57b
b436e63c4047d149570f902e2a6e17cd4141127e416f6d20cb89424a8c1e4910
b5b3b78060934b27d88d694a3f65e5847097f62d5ffc862ae98e5ce482f74da7
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
ba909d724824ed641d7ed12889b50654f0a811216b8048ee24d00b91e36ae6be
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bde2388cf8d209a84ac016eec745d9930809851c9885525cfc85fdfda17cc178
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bf5af1b082cec0c615b9bb2a8dce56e5f7ea9ef14f2897845dd7519779c8c834
c68063a6877cae1e1138e5f19d7387a2e03369872dd32374cd7abadc82780f2d
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
cfcc038eafff1dd7ea8508b07b03b46f1c0cc60fb0d3eb624bc1126b2a613e20
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6e0cf33bd31faca2542d9376cc2a8b9722904e24cc4d3bfc121048e46c244ea
db472fb2602df1302e3037f408323a2526ef70c0912c0354309b57fe59d19297
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
de22705508b17a8517ac222be7e81a48160998fbeb2dd18369288363f4212b45
e08f64e5c56e8de6a33a9b7654c38fdf9465db358d3d1174b32d652bbfdd4d30
e3625b3a3e337cd2a973fe41d25c49d0b6489b3512277c4cce91677d1dbcf267
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4507fb30c4deea59b3fc01f9b3fb358ce1df6e4cd40d1bf7ccfb56dc6e0f8d4
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e6a5a122b16dafe6bc413c43f8234317c1b2d29333dd3444f9e0c20a84261c13
e72bd5add5885585618d01f8a163bb110a7bcb847918ea15b6a4d65e5b48e824
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
f05e46a34bf9cc6350fd9b37797b22cf7027ecaa3e06810b6a89f399867a117f
fa33a3232ddeca475245ee4e42762253f6bb3e5ffed8e634e4a696af91eee9e2
fac02a96e87d9afaa0ccb933490c281386d6f3b3971e419c747fd6e1f5875e1f
fb1f6524f7e0e23f05465015933809b3761dfb0e1df4b568074c0b4275084701
fbac748ed8f03fd94f7e0b2f2fa80891e85adce7be0c974da9b7812060f7511c
ff9fbe68cfe94fe3e10cd1c2410d8a0aeeb454cf23a87ad9507303a1c3dda0ad