urlscan.io logo urlscan.io
SecurityTrails logo

secure.whatsthatcharge.com Open in urlscan Pro
34.206.86.54  Public Scan

Go To Rescan Add Verdict Report
URL: https://secure.whatsthatcharge.com/
Submission: On October 14 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 10 domains to perform 60 HTTP transactions. The main IP is 34.206.86.54, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is secure.whatsthatcharge.com.
TLS certificate: Issued by R3 on October 13th 2021. Valid for: 3 months.
This is the only time secure.whatsthatcharge.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

15    34.206.86.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-86-54.compute-1.amazonaws.com
secure.whatsthatcharge.com
8    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
7    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
19    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.242.19 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-7.nr-data.net
bam.nr-data.net
Domain Requested by
19 tpc.googlesyndication.com secure.whatsthatcharge.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
15 secure.whatsthatcharge.com secure.whatsthatcharge.com
8 pagead2.googlesyndication.com secure.whatsthatcharge.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
secure.whatsthatcharge.com
googleads.g.doubleclick.net
www.googletagservices.com
2 www.google.com 1 redirects tpc.googlesyndication.com
2 ssl.google-analytics.com secure.whatsthatcharge.com
2 www.google-analytics.com secure.whatsthatcharge.com
www.google-analytics.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com secure.whatsthatcharge.com
1 www.googletagservices.com googleads.g.doubleclick.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
60 13
Subject Issuer Validity Valid
secure.whatsthatcharge.com
R3		 2021-10-13 -
2022-01-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-06 -
2022-11-07		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 9 frames:

Primary Page: https://secure.whatsthatcharge.com/
Frame ID: 381D5E22F336AA7D267A0648AD991511
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html
Frame ID: A29E863C46745E23094D5D49288BBEEB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0908030887665585&output=html&h=600&slotname=0303354662&adk=1687073823&adf=3350072415&pi=t.ma~as.0303354662&w=209&fwrn=4&fwrnh=100&lmt=1634172166&rafmt=1&psa=0&format=209x600&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634172166692&bpp=8&bdt=754&idt=92&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6527124336681&frm=20&pv=2&ga_vid=1659286404.1634172167&ga_sid=1634172167&ga_hid=1760310160&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1177&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C31062525&oid=2&pvsid=4486012864482736&pem=128&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ma9VaKlwFf&p=https%3A//secure.whatsthatcharge.com&dtd=111
Frame ID: 80F39906F6655ECF7B8A7A2C04CEDA40
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0908030887665585&output=html&adk=1812271804&adf=3025194257&lmt=1634172166&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634172166713&bpp=1&bdt=775&idt=101&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=209x600&nras=1&correlator=6527124336681&frm=20&pv=1&ga_vid=1659286404.1634172167&ga_sid=1634172167&ga_hid=1760310160&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C31062525&oid=2&pvsid=4486012864482736&pem=128&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=110
Frame ID: F9250AE2EE749CB9A264CA7D4F3B63A5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/index.html
Frame ID: E32A6F752918109B78DA1A44589ED46D
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C9VBrBn1nYZaSMoOLjuwP1oir4AOMrqDRZa_Wnp__DbCQHxABIKDulR1glfrwgYwHyAEJqQJUtRUXrHOzPqgDAcgDSKoE5AFP0EpRmSLbCK_gCTxMSqf7e3EmKInoqMEAJLg4YHDflQvqec8gcl9PC3snqIVMRTdlEtN0gln3qqqw9hlXKgIBKfMav_9o_PxsQh6i84-ot12kzEPFempgxJLZ9VDE26NuAUibLbmlYXIBA9yKWy8AWfdUz18h10HE2PGSWA4zwLZbcLLJ7PS0LpOmeMBOaUQZ7_WdQil0cHT8o7QgZAnkkYol3Qql-jGcJedsyJf19O4MToNrF4adGwfRlB5ilwVoA4JtQDAJLNq38XB2pAtK5ilTVzkx8BNJC9XHYXzNdd5Dr2_ABKCx2NHlA6AGLoAHz8PmqgKoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcA8gcEEMKNXNIICQiA4YAQEAEYX4AKAcgLAdgTA9AVAYAXAbIXHAoaCAASFHB1Yi0wOTA4MDMwODg3NjY1NTg1GAA&sigh=dFbHBs6YYLk&template_id=419
Frame ID: 6D71CBB196CB3650A38A3710A8E4FFEB
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 50098ECF0A190B84667E9E3951A541DA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 93BDFCFFD53E80C42984431EDCF5189F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 59934604898FBA1B7B95D339B8AB60E7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

What's That Charge?! Identify those mysterious charges on your credit card statement

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

60
Requests

100 %
HTTPS

69 %
IPv6

10
Domains

13
Subdomains

14
IPs

2
Countries

694 kB
Transfer

1798 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
secure.whatsthatcharge.com/ 		20 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.whatsthatcharge.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.86.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-86-54.compute-1.amazonaws.com
Software
thin /
Resource Hash
fdd61f148d690dba5860478ea1cc0a665b288c216476965fcba4b72439296a2b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
secure.whatsthatcharge.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Thu, 14 Oct 2021 00:42:45 GMT
Connection
close
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
Referrer-Policy
strict-origin-when-cross-origin
Content-Type
text/html; charset=utf-8
Etag
W/"fdd61f148d690dba5860478ea1cc0a66"
Cache-Control
max-age=0, private, must-revalidate
Set-Cookie
_WhatsThatCharge_session=dWVMb05Ea1NPNkNybTRMbTBwdEJObXlmeng5RlgzWTBFVHYyQmVaLzZkQWhKYmdubHFGdHhCSWVNeXdXdU9nVFA3b1UxSEd4eUZCQjhObmo2bVZzMVlWVFpTZ2pXNmp5NGJTM2RrRkpTS0xWTEdFRTlTMkdJRTRzQzdZVWxCTDRYU3J0eGk1Sy8xcVlyamZ1YW1aMk16SDh6YjBtR3NkWmtFbS9KcnNvWE5KeHBJZ2VFb2kwQlRlaXdYOExVQ3BSLS0xb29ETHlhcmZ4MWtFS0lXVzgxU1lRPT0%3D--1ae35b05da7982d0f3c8e3985f1e10b007807c32; path=/; secure; HttpOnly
X-Request-Id
4a4936d6-934d-4529-a319-3e95c55e0345
X-Runtime
0.047286
Strict-Transport-Security
max-age=63072000; includeSubDomains
Vary
Accept-Encoding
Content-Encoding
gzip
Server
thin
Via
1.1 vegur
css3-mediaqueries-e6f609aee3dac6fe793c2df198e012df07e182bf996cc365c834d8d83825941b.js
secure.whatsthatcharge.com/assets/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.whatsthatcharge.com/assets/css3-mediaqueries-e6f609aee3dac6fe793c2df198e012df07e182bf996cc365c834d8d83825941b.js
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.86.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-86-54.compute-1.amazonaws.com
Software
thin /
Resource Hash
af6ddb33b04df002ef9a9e9f65ea9494469353953fc02cf16cfdfc7838ede869
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.whatsthatcharge.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://secure.whatsthatcharge.com/
Cookie
_WhatsThatCharge_session=dWVMb05Ea1NPNkNybTRMbTBwdEJObXlmeng5RlgzWTBFVHYyQmVaLzZkQWhKYmdubHFGdHhCSWVNeXdXdU9nVFA3b1UxSEd4eUZCQjhObmo2bVZzMVlWVFpTZ2pXNmp5NGJTM2RrRkpTS0xWTEdFRTlTMkdJRTRzQzdZVWxCTDRYU3J0eGk1Sy8xcVlyamZ1YW1aMk16SDh6YjBtR3NkWmtFbS9KcnNvWE5KeHBJZ2VFb2kwQlRlaXdYOExVQ3BSLS0xb29ETHlhcmZ4MWtFS0lXVzgxU1lRPT0%3D--1ae35b05da7982d0f3c8e3985f1e10b007807c32
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 00:42:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Aug 2021 18:51:12 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 vegur
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Length
5037
application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
secure.whatsthatcharge.com/assets/ 		146 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.86.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-86-54.compute-1.amazonaws.com
Software
thin /
Resource Hash
5dab2b018dc3eb1a7f0fd91b664682509390ca953f4f63ca4b3d9013616aa761
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.whatsthatcharge.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://secure.whatsthatcharge.com/
Cookie
_WhatsThatCharge_session=dWVMb05Ea1NPNkNybTRMbTBwdEJObXlmeng5RlgzWTBFVHYyQmVaLzZkQWhKYmdubHFGdHhCSWVNeXdXdU9nVFA3b1UxSEd4eUZCQjhObmo2bVZzMVlWVFpTZ2pXNmp5NGJTM2RrRkpTS0xWTEdFRTlTMkdJRTRzQzdZVWxCTDRYU3J0eGk1Sy8xcVlyamZ1YW1aMk16SDh6YjBtR3NkWmtFbS9KcnNvWE5KeHBJZ2VFb2kwQlRlaXdYOExVQ3BSLS0xb29ETHlhcmZ4MWtFS0lXVzgxU1lRPT0%3D--1ae35b05da7982d0f3c8e3985f1e10b007807c32
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 00:42:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Aug 2021 18:51:12 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 vegur
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Length
25268
application-bab322ec5ac1c368b265ac833389fa5d640573259b40b4b2e5310c231214ce90.js
secure.whatsthatcharge.com/assets/ 		384 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.whatsthatcharge.com/assets/application-bab322ec5ac1c368b265ac833389fa5d640573259b40b4b2e5310c231214ce90.js
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.86.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-86-54.compute-1.amazonaws.com
Software
thin /
Resource Hash
2e0a6dad7dab750f88e76086b169c956a0087a8858d55197bc857ed9873a315d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.whatsthatcharge.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://secure.whatsthatcharge.com/
Cookie
_WhatsThatCharge_session=dWVMb05Ea1NPNkNybTRMbTBwdEJObXlmeng5RlgzWTBFVHYyQmVaLzZkQWhKYmdubHFGdHhCSWVNeXdXdU9nVFA3b1UxSEd4eUZCQjhObmo2bVZzMVlWVFpTZ2pXNmp5NGJTM2RrRkpTS0xWTEdFRTlTMkdJRTRzQzdZVWxCTDRYU3J0eGk1Sy8xcVlyamZ1YW1aMk16SDh6YjBtR3NkWmtFbS9KcnNvWE5KeHBJZ2VFb2kwQlRlaXdYOExVQ3BSLS0xb29ETHlhcmZ4MWtFS0lXVzgxU1lRPT0%3D--1ae35b05da7982d0f3c8e3985f1e10b007807c32
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 00:42:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Aug 2021 18:51:12 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 vegur
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Length
113466
logo.en.png
secure.whatsthatcharge.com/assets/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.whatsthatcharge.com/assets/logo.en.png
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.86.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-86-54.compute-1.amazonaws.com
Software
thin /
Resource Hash
bce52636c950ed185642a56bf86230b16f226fafba9a62189a7402a479f65334
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.whatsthatcharge.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://secure.whatsthatcharge.com/
Cookie
_WhatsThatCharge_session=dWVMb05Ea1NPNkNybTRMbTBwdEJObXlmeng5RlgzWTBFVHYyQmVaLzZkQWhKYmdubHFGdHhCSWVNeXdXdU9nVFA3b1UxSEd4eUZCQjhObmo2bVZzMVlWVFpTZ2pXNmp5NGJTM2RrRkpTS0xWTEdFRTlTMkdJRTRzQzdZVWxCTDRYU3J0eGk1Sy8xcVlyamZ1YW1aMk16SDh6YjBtR3NkWmtFbS9KcnNvWE5KeHBJZ2VFb2kwQlRlaXdYOExVQ3BSLS0xb29ETHlhcmZ4MWtFS0lXVzgxU1lRPT0%3D--1ae35b05da7982d0f3c8e3985f1e10b007807c32
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 00:42:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Aug 2021 18:51:12 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
image/png
Via
1.1 vegur
Connection
close
Strict-Transport-Security
max-age=63072000; includeSubDomains
content-top.png
secure.whatsthatcharge.com/assets/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.whatsthatcharge.com/assets/content-top.png
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.86.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-86-54.compute-1.amazonaws.com
Software
thin /
Resource Hash
3c6a08f2c1fb01fe037ab9f85551e96be46c1206a2cf776174690773621d7e0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.whatsthatcharge.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://secure.whatsthatcharge.com/
Cookie
_WhatsThatCharge_session=dWVMb05Ea1NPNkNybTRMbTBwdEJObXlmeng5RlgzWTBFVHYyQmVaLzZkQWhKYmdubHFGdHhCSWVNeXdXdU9nVFA3b1UxSEd4eUZCQjhObmo2bVZzMVlWVFpTZ2pXNmp5NGJTM2RrRkpTS0xWTEdFRTlTMkdJRTRzQzdZVWxCTDRYU3J0eGk1Sy8xcVlyamZ1YW1aMk16SDh6YjBtR3NkWmtFbS9KcnNvWE5KeHBJZ2VFb2kwQlRlaXdYOExVQ3BSLS0xb29ETHlhcmZ4MWtFS0lXVzgxU1lRPT0%3D--1ae35b05da7982d0f3c8e3985f1e10b007807c32
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 00:42:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Aug 2021 18:51:12 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
image/png
Via
1.1 vegur
Connection
close
Strict-Transport-Security
max-age=63072000; includeSubDomains
globe.png
secure.whatsthatcharge.com/assets/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.whatsthatcharge.com/assets/globe.png
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.86.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-86-54.compute-1.amazonaws.com
Software
thin /
Resource Hash
09da582b3b428a285ad19e62d5e6a28250f2ca784f0d970062e22a64769efc0a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.whatsthatcharge.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://secure.whatsthatcharge.com/
Cookie
_WhatsThatCharge_session=dWVMb05Ea1NPNkNybTRMbTBwdEJObXlmeng5RlgzWTBFVHYyQmVaLzZkQWhKYmdubHFGdHhCSWVNeXdXdU9nVFA3b1UxSEd4eUZCQjhObmo2bVZzMVlWVFpTZ2pXNmp5NGJTM2RrRkpTS0xWTEdFRTlTMkdJRTRzQzdZVWxCTDRYU3J0eGk1Sy8xcVlyamZ1YW1aMk16SDh6YjBtR3NkWmtFbS9KcnNvWE5KeHBJZ2VFb2kwQlRlaXdYOExVQ3BSLS0xb29ETHlhcmZ4MWtFS0lXVzgxU1lRPT0%3D--1ae35b05da7982d0f3c8e3985f1e10b007807c32
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 00:42:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Aug 2021 18:51:12 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
image/png
Via
1.1 vegur
Connection
close
Strict-Transport-Security
max-age=63072000; includeSubDomains
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd346bd43b9b906e685f7a8eb0962970f5b54043259bbcceb5e57edb2b448b00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 00:42:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51418
x-xss-protection
0
server
cafe
etag
4882766509403257644
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 14 Oct 2021 00:42:46 GMT
content-btm-shadow.png
secure.whatsthatcharge.com/assets/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.whatsthatcharge.com/assets/content-btm-shadow.png
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.86.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-86-54.compute-1.amazonaws.com
Software
thin /
Resource Hash
8a5e5884b22897a302f58e6c646b83ce28ad7424354eb016eae2c9db92ba85b1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.whatsthatcharge.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://secure.whatsthatcharge.com/
Cookie
_WhatsThatCharge_session=dWVMb05Ea1NPNkNybTRMbTBwdEJObXlmeng5RlgzWTBFVHYyQmVaLzZkQWhKYmdubHFGdHhCSWVNeXdXdU9nVFA3b1UxSEd4eUZCQjhObmo2bVZzMVlWVFpTZ2pXNmp5NGJTM2RrRkpTS0xWTEdFRTlTMkdJRTRzQzdZVWxCTDRYU3J0eGk1Sy8xcVlyamZ1YW1aMk16SDh6YjBtR3NkWmtFbS9KcnNvWE5KeHBJZ2VFb2kwQlRlaXdYOExVQ3BSLS0xb29ETHlhcmZ4MWtFS0lXVzgxU1lRPT0%3D--1ae35b05da7982d0f3c8e3985f1e10b007807c32
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 00:42:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Aug 2021 18:51:12 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
image/png
Via
1.1 vegur
Connection
close
Strict-Transport-Security
max-age=63072000; includeSubDomains
content-bg.jpg
secure.whatsthatcharge.com/assets/ 		323 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.whatsthatcharge.com/assets/content-bg.jpg
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.86.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-86-54.compute-1.amazonaws.com
Software
thin /
Resource Hash
60eddd1a150db3e4be1c3e60b92fb5a0695f7f92cfd369ca13795d46836819ab
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.whatsthatcharge.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
Cookie
_WhatsThatCharge_session=dWVMb05Ea1NPNkNybTRMbTBwdEJObXlmeng5RlgzWTBFVHYyQmVaLzZkQWhKYmdubHFGdHhCSWVNeXdXdU9nVFA3b1UxSEd4eUZCQjhObmo2bVZzMVlWVFpTZ2pXNmp5NGJTM2RrRkpTS0xWTEdFRTlTMkdJRTRzQzdZVWxCTDRYU3J0eGk1Sy8xcVlyamZ1YW1aMk16SDh6YjBtR3NkWmtFbS9KcnNvWE5KeHBJZ2VFb2kwQlRlaXdYOExVQ3BSLS0xb29ETHlhcmZ4MWtFS0lXVzgxU1lRPT0%3D--1ae35b05da7982d0f3c8e3985f1e10b007807c32
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 00:42:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Aug 2021 18:51:12 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
image/jpeg
Via
1.1 vegur
Connection
close
Strict-Transport-Security
max-age=63072000; includeSubDomains
header-repeat.jpg
secure.whatsthatcharge.com/assets/ 		536 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.whatsthatcharge.com/assets/header-repeat.jpg
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.86.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-86-54.compute-1.amazonaws.com
Software
thin /
Resource Hash
f6fab96005f5f6817b6426c196c75a2378dc954dca1b596d96d22d8a3943cbf6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.whatsthatcharge.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
Cookie
_WhatsThatCharge_session=dWVMb05Ea1NPNkNybTRMbTBwdEJObXlmeng5RlgzWTBFVHYyQmVaLzZkQWhKYmdubHFGdHhCSWVNeXdXdU9nVFA3b1UxSEd4eUZCQjhObmo2bVZzMVlWVFpTZ2pXNmp5NGJTM2RrRkpTS0xWTEdFRTlTMkdJRTRzQzdZVWxCTDRYU3J0eGk1Sy8xcVlyamZ1YW1aMk16SDh6YjBtR3NkWmtFbS9KcnNvWE5KeHBJZ2VFb2kwQlRlaXdYOExVQ3BSLS0xb29ETHlhcmZ4MWtFS0lXVzgxU1lRPT0%3D--1ae35b05da7982d0f3c8e3985f1e10b007807c32
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 00:42:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Aug 2021 18:51:12 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
image/jpeg
Via
1.1 vegur
Connection
close
Strict-Transport-Security
max-age=63072000; includeSubDomains
header-bg.jpg
secure.whatsthatcharge.com/assets/ 		52 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.whatsthatcharge.com/assets/header-bg.jpg
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.86.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-86-54.compute-1.amazonaws.com
Software
thin /
Resource Hash
8de6476905ab95aa152b819762f1a2a1e3b91c0909d7476581428f5db25b86fd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.whatsthatcharge.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
Cookie
_WhatsThatCharge_session=dWVMb05Ea1NPNkNybTRMbTBwdEJObXlmeng5RlgzWTBFVHYyQmVaLzZkQWhKYmdubHFGdHhCSWVNeXdXdU9nVFA3b1UxSEd4eUZCQjhObmo2bVZzMVlWVFpTZ2pXNmp5NGJTM2RrRkpTS0xWTEdFRTlTMkdJRTRzQzdZVWxCTDRYU3J0eGk1Sy8xcVlyamZ1YW1aMk16SDh6YjBtR3NkWmtFbS9KcnNvWE5KeHBJZ2VFb2kwQlRlaXdYOExVQ3BSLS0xb29ETHlhcmZ4MWtFS0lXVzgxU1lRPT0%3D--1ae35b05da7982d0f3c8e3985f1e10b007807c32
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 00:42:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Aug 2021 18:51:12 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
image/jpeg
Via
1.1 vegur
Connection
close
Strict-Transport-Security
max-age=63072000; includeSubDomains
header-seperator.jpg
secure.whatsthatcharge.com/assets/ 		368 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.whatsthatcharge.com/assets/header-seperator.jpg
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.86.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-86-54.compute-1.amazonaws.com
Software
thin /
Resource Hash
e0ce2a53aea3cc7fcb4ef50990199f89d13a209ec5fcbd9639d09902694db867
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.whatsthatcharge.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
Cookie
_WhatsThatCharge_session=dWVMb05Ea1NPNkNybTRMbTBwdEJObXlmeng5RlgzWTBFVHYyQmVaLzZkQWhKYmdubHFGdHhCSWVNeXdXdU9nVFA3b1UxSEd4eUZCQjhObmo2bVZzMVlWVFpTZ2pXNmp5NGJTM2RrRkpTS0xWTEdFRTlTMkdJRTRzQzdZVWxCTDRYU3J0eGk1Sy8xcVlyamZ1YW1aMk16SDh6YjBtR3NkWmtFbS9KcnNvWE5KeHBJZ2VFb2kwQlRlaXdYOExVQ3BSLS0xb29ETHlhcmZ4MWtFS0lXVzgxU1lRPT0%3D--1ae35b05da7982d0f3c8e3985f1e10b007807c32
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 00:42:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Aug 2021 18:51:12 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
image/jpeg
Via
1.1 vegur
Connection
close
Strict-Transport-Security
max-age=63072000; includeSubDomains
search-bg.png
secure.whatsthatcharge.com/assets/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.whatsthatcharge.com/assets/search-bg.png
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.86.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-86-54.compute-1.amazonaws.com
Software
thin /
Resource Hash
e526a99f44195ef6627a86dbfab7a939d8399d3d175c940a5b703fe1364a7bae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.whatsthatcharge.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
Cookie
_WhatsThatCharge_session=dWVMb05Ea1NPNkNybTRMbTBwdEJObXlmeng5RlgzWTBFVHYyQmVaLzZkQWhKYmdubHFGdHhCSWVNeXdXdU9nVFA3b1UxSEd4eUZCQjhObmo2bVZzMVlWVFpTZ2pXNmp5NGJTM2RrRkpTS0xWTEdFRTlTMkdJRTRzQzdZVWxCTDRYU3J0eGk1Sy8xcVlyamZ1YW1aMk16SDh6YjBtR3NkWmtFbS9KcnNvWE5KeHBJZ2VFb2kwQlRlaXdYOExVQ3BSLS0xb29ETHlhcmZ4MWtFS0lXVzgxU1lRPT0%3D--1ae35b05da7982d0f3c8e3985f1e10b007807c32
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 00:42:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Aug 2021 18:51:12 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
image/png
Via
1.1 vegur
Connection
close
Strict-Transport-Security
max-age=63072000; includeSubDomains
content-mid.png
secure.whatsthatcharge.com/assets/ 		1 KB
998 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.whatsthatcharge.com/assets/content-mid.png
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.86.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-86-54.compute-1.amazonaws.com
Software
thin /
Resource Hash
f1f71f02d894708786a2d03b71b719d7983f45333226a0d2fa62659c9642dc05
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.whatsthatcharge.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
Cookie
_WhatsThatCharge_session=dWVMb05Ea1NPNkNybTRMbTBwdEJObXlmeng5RlgzWTBFVHYyQmVaLzZkQWhKYmdubHFGdHhCSWVNeXdXdU9nVFA3b1UxSEd4eUZCQjhObmo2bVZzMVlWVFpTZ2pXNmp5NGJTM2RrRkpTS0xWTEdFRTlTMkdJRTRzQzdZVWxCTDRYU3J0eGk1Sy8xcVlyamZ1YW1aMk16SDh6YjBtR3NkWmtFbS9KcnNvWE5KeHBJZ2VFb2kwQlRlaXdYOExVQ3BSLS0xb29ETHlhcmZ4MWtFS0lXVzgxU1lRPT0%3D--1ae35b05da7982d0f3c8e3985f1e10b007807c32
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 00:42:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Aug 2021 18:51:12 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
image/png
Via
1.1 vegur
Connection
close
Strict-Transport-Security
max-age=63072000; includeSubDomains
btm-bullet.jpg
secure.whatsthatcharge.com/assets/ 		532 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.whatsthatcharge.com/assets/btm-bullet.jpg
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.86.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-86-54.compute-1.amazonaws.com
Software
thin /
Resource Hash
20c762b21188b039d3d29d0b762778c655034b7453ea1546b370ca35e7c07ac4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure.whatsthatcharge.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
Cookie
_WhatsThatCharge_session=dWVMb05Ea1NPNkNybTRMbTBwdEJObXlmeng5RlgzWTBFVHYyQmVaLzZkQWhKYmdubHFGdHhCSWVNeXdXdU9nVFA3b1UxSEd4eUZCQjhObmo2bVZzMVlWVFpTZ2pXNmp5NGJTM2RrRkpTS0xWTEdFRTlTMkdJRTRzQzdZVWxCTDRYU3J0eGk1Sy8xcVlyamZ1YW1aMk16SDh6YjBtR3NkWmtFbS9KcnNvWE5KeHBJZ2VFb2kwQlRlaXdYOExVQ3BSLS0xb29ETHlhcmZ4MWtFS0lXVzgxU1lRPT0%3D--1ae35b05da7982d0f3c8e3985f1e10b007807c32
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/assets/application-0c9e17ec3c3d13383a1b485442d587ec6af9b71dfa4ffe2c3c45ec782d2de184.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 00:42:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Aug 2021 18:51:12 GMT
Server
thin
Vary
Accept-Encoding
Content-Type
image/jpeg
Via
1.1 vegur
Connection
close
Strict-Transport-Security
max-age=63072000; includeSubDomains
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 28 Sep 2021 21:34:48 GMT
server
Golfe2
age
6949
date
Wed, 13 Oct 2021 22:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Thu, 14 Oct 2021 00:46:57 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 28 Sep 2021 21:34:48 GMT
server
Golfe2
age
6319
date
Wed, 13 Oct 2021 22:57:27 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Thu, 14 Oct 2021 00:57:27 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/ 		272 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0908030887665585&plah=secure.whatsthatcharge.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a4617686d53812d3f06b891e5edc0cf5b7f289bfd57be08e123a3845efcdcd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 00:42:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99876
x-xss-protection
0
server
cafe
etag
5725214712622718827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 14 Oct 2021 00:42:46 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/ Frame A29E 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211011/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.whatsthatcharge.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 13 Oct 2021 20:21:55 GMT
expires
Wed, 27 Oct 2021 20:21:55 GMT
content-type
text/html; charset=UTF-8
etag
414810510046348021
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4645
x-xss-protection
0
age
15651
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/j/ 		2 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1760310160&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&ul=en-us&de=UTF-8&dt=What%27s%20That%20Charge%3F!%20Identify%20those%20mysterious%20charges%20on%20your%20credit%20card%20statement&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=2082465968&gjid=479400977&cid=1659286404.1634172167&tid=UA-39377463-1&_gid=1117199508.1634172167&_r=1&_slc=1&z=1485377989
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.whatsthatcharge.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 00:42:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.whatsthatcharge.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
__utm.gif
ssl.google-analytics.com/r/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1604727058&utmhn=secure.whatsthatcharge.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=What%27s%20That%20Charge%3F!%20Identify%20those%20mysterious%20charges%20on%20your%20credit%20card%20statement&utmhid=1760310160&utmr=-&utmp=%2F&utmht=1634172166747&utmac=UA-39377463-2&utmcc=__utma%3D29181118.1659286404.1634172167.1634172167.1634172167.1%3B%2B__utmz%3D29181118.1634172167.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2332127&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 00:42:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		209 B
664 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=secure.whatsthatcharge.com&callback=_gfp_s_&client=ca-pub-0908030887665585
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0908030887665585&plah=secure.whatsthatcharge.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
c316a07b0426e0dc3cba1d7bd707941893ddd5a46732f4dfdb4787ec54f657ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 00:42:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
198
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=secure.whatsthatcharge.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0908030887665585&plah=secure.whatsthatcharge.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 00:42:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=secure.whatsthatcharge.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0908030887665585&plah=secure.whatsthatcharge.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 00:42:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 80F3 		121 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0908030887665585&output=html&h=600&slotname=0303354662&adk=1687073823&adf=3350072415&pi=t.ma~as.0303354662&w=209&fwrn=4&fwrnh=100&lmt=1634172166&rafmt=1&psa=0&format=209x600&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634172166692&bpp=8&bdt=754&idt=92&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6527124336681&frm=20&pv=2&ga_vid=1659286404.1634172167&ga_sid=1634172167&ga_hid=1760310160&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1177&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C31062525&oid=2&pvsid=4486012864482736&pem=128&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ma9VaKlwFf&p=https%3A//secure.whatsthatcharge.com&dtd=111
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0908030887665585&plah=secure.whatsthatcharge.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67b5db936c6c9b1069e4520a85a97ac481a7ce818f89d7fcb4c187533c408128
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJathdzVyPMCFYOFgwcdVsQKPA&gqi=Bn1nYcLaMeSqrATKsy8&layout=/sadbundle/%24csp%253Der3%24/11323580231088579027/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-0908030887665585&output=html&h=600&slotname=0303354662&adk=1687073823&adf=3350072415&pi=t.ma~as.0303354662&w=209&fwrn=4&fwrnh=100&lmt=1634172166&rafmt=1&psa=0&format=209x600&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634172166692&bpp=8&bdt=754&idt=92&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6527124336681&frm=20&pv=2&ga_vid=1659286404.1634172167&ga_sid=1634172167&ga_hid=1760310160&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1177&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C31062525&oid=2&pvsid=4486012864482736&pem=128&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ma9VaKlwFf&p=https%3A//secure.whatsthatcharge.com&dtd=111
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.whatsthatcharge.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJathdzVyPMCFYOFgwcdVsQKPA&gqi=Bn1nYcLaMeSqrATKsy8&layout=/sadbundle/%24csp%253Der3%24/11323580231088579027/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 14 Oct 2021 00:42:47 GMT
server
cafe
content-length
37732
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 14-Oct-2021 00:57:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 14 Oct 2021 00:42:47 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame F925 		0
180 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0908030887665585&output=html&adk=1812271804&adf=3025194257&lmt=1634172166&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634172166713&bpp=1&bdt=775&idt=101&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=209x600&nras=1&correlator=6527124336681&frm=20&pv=1&ga_vid=1659286404.1634172167&ga_sid=1634172167&ga_hid=1760310160&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C31062525&oid=2&pvsid=4486012864482736&pem=128&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=110
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0908030887665585&plah=secure.whatsthatcharge.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-0908030887665585&output=html&adk=1812271804&adf=3025194257&lmt=1634172166&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634172166713&bpp=1&bdt=775&idt=101&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=209x600&nras=1&correlator=6527124336681&frm=20&pv=1&ga_vid=1659286404.1634172167&ga_sid=1634172167&ga_hid=1760310160&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C31062525&oid=2&pvsid=4486012864482736&pem=128&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=110
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.whatsthatcharge.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 14 Oct 2021 00:42:46 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 14-Oct-2021 00:57:46 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 14 Oct 2021 00:42:46 GMT
cache-control
private
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/ Frame E32A 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/index.html
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
573287fc0eb98afab109ca0a8eca9da420422e68356f1c7b9c8a0d62905607e0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/11323580231088579027/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
content-length
3131
date
Wed, 13 Oct 2021 16:31:36 GMT
expires
Thu, 13 Oct 2022 16:31:36 GMT
last-modified
Wed, 07 Jul 2021 16:15:13 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
29471
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 6D71 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C9VBrBn1nYZaSMoOLjuwP1oir4AOMrqDRZa_Wnp__DbCQHxABIKDulR1glfrwgYwHyAEJqQJUtRUXrHOzPqgDAcgDSKoE5AFP0EpRmSLbCK_gCTxMSqf7e3EmKInoqMEAJLg4YHDflQvqec8gcl9PC3snqIVMRTdlEtN0gln3qqqw9hlXKgIBKfMav_9o_PxsQh6i84-ot12kzEPFempgxJLZ9VDE26NuAUibLbmlYXIBA9yKWy8AWfdUz18h10HE2PGSWA4zwLZbcLLJ7PS0LpOmeMBOaUQZ7_WdQil0cHT8o7QgZAnkkYol3Qql-jGcJedsyJf19O4MToNrF4adGwfRlB5ilwVoA4JtQDAJLNq38XB2pAtK5ilTVzkx8BNJC9XHYXzNdd5Dr2_ABKCx2NHlA6AGLoAHz8PmqgKoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcA8gcEEMKNXNIICQiA4YAQEAEYX4AKAcgLAdgTA9AVAYAXAbIXHAoaCAASFHB1Yi0wOTA4MDMwODg3NjY1NTg1GAA&sigh=dFbHBs6YYLk&template_id=419
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0908030887665585&output=html&h=600&slotname=0303354662&adk=1687073823&adf=3350072415&pi=t.ma~as.0303354662&w=209&fwrn=4&fwrnh=100&lmt=1634172166&rafmt=1&psa=0&format=209x600&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634172166692&bpp=8&bdt=754&idt=92&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6527124336681&frm=20&pv=2&ga_vid=1659286404.1634172167&ga_sid=1634172167&ga_hid=1760310160&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1177&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C31062525&oid=2&pvsid=4486012864482736&pem=128&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ma9VaKlwFf&p=https%3A//secure.whatsthatcharge.com&dtd=111
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 14 Oct 2021 00:42:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 14 Oct 2021 00:42:47 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame 6D71 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0908030887665585&output=html&h=600&slotname=0303354662&adk=1687073823&adf=3350072415&pi=t.ma~as.0303354662&w=209&fwrn=4&fwrnh=100&lmt=1634172166&rafmt=1&psa=0&format=209x600&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634172166692&bpp=8&bdt=754&idt=92&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6527124336681&frm=20&pv=2&ga_vid=1659286404.1634172167&ga_sid=1634172167&ga_hid=1760310160&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1177&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C31062525&oid=2&pvsid=4486012864482736&pem=128&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ma9VaKlwFf&p=https%3A//secure.whatsthatcharge.com&dtd=111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 00:30:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
762
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7691
x-xss-protection
0
server
cafe
etag
14402072889669646931
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 00:30:05 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 6D71 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0908030887665585&output=html&h=600&slotname=0303354662&adk=1687073823&adf=3350072415&pi=t.ma~as.0303354662&w=209&fwrn=4&fwrnh=100&lmt=1634172166&rafmt=1&psa=0&format=209x600&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634172166692&bpp=8&bdt=754&idt=92&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6527124336681&frm=20&pv=2&ga_vid=1659286404.1634172167&ga_sid=1634172167&ga_hid=1760310160&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1177&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C31062525&oid=2&pvsid=4486012864482736&pem=128&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ma9VaKlwFf&p=https%3A//secure.whatsthatcharge.com&dtd=111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 00:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
444
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 00:35:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6D71 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0908030887665585&output=html&h=600&slotname=0303354662&adk=1687073823&adf=3350072415&pi=t.ma~as.0303354662&w=209&fwrn=4&fwrnh=100&lmt=1634172166&rafmt=1&psa=0&format=209x600&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634172166692&bpp=8&bdt=754&idt=92&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6527124336681&frm=20&pv=2&ga_vid=1659286404.1634172167&ga_sid=1634172167&ga_hid=1760310160&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1177&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C31062525&oid=2&pvsid=4486012864482736&pem=128&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ma9VaKlwFf&p=https%3A//secure.whatsthatcharge.com&dtd=111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 00:42:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37935
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633952256361887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Oct 2021 00:42:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 6D71 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0908030887665585&output=html&h=600&slotname=0303354662&adk=1687073823&adf=3350072415&pi=t.ma~as.0303354662&w=209&fwrn=4&fwrnh=100&lmt=1634172166&rafmt=1&psa=0&format=209x600&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634172166692&bpp=8&bdt=754&idt=92&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6527124336681&frm=20&pv=2&ga_vid=1659286404.1634172167&ga_sid=1634172167&ga_hid=1760310160&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1177&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C31062525&oid=2&pvsid=4486012864482736&pem=128&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ma9VaKlwFf&p=https%3A//secure.whatsthatcharge.com&dtd=111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 00:24:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1110
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Oct 2021 00:24:17 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5009 		143 B
226 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0908030887665585&output=html&h=600&slotname=0303354662&adk=1687073823&adf=3350072415&pi=t.ma~as.0303354662&w=209&fwrn=4&fwrnh=100&lmt=1634172166&rafmt=1&psa=0&format=209x600&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634172166692&bpp=8&bdt=754&idt=92&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6527124336681&frm=20&pv=2&ga_vid=1659286404.1634172167&ga_sid=1634172167&ga_hid=1760310160&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1177&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C31062525&oid=2&pvsid=4486012864482736&pem=128&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ma9VaKlwFf&p=https%3A//secure.whatsthatcharge.com&dtd=111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0908030887665585&output=html&h=600&slotname=0303354662&adk=1687073823&adf=3350072415&pi=t.ma~as.0303354662&w=209&fwrn=4&fwrnh=100&lmt=1634172166&rafmt=1&psa=0&format=209x600&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634172166692&bpp=8&bdt=754&idt=92&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6527124336681&frm=20&pv=2&ga_vid=1659286404.1634172167&ga_sid=1634172167&ga_hid=1760310160&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1177&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C31062525&oid=2&pvsid=4486012864482736&pem=128&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ma9VaKlwFf&p=https%3A//secure.whatsthatcharge.com&dtd=111
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmCC6sBG9QhLwUKNi6TLHrHnd-iitdDXDJXIJUwBvyEUm9qL0JJp-bXX5P4F6k
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0908030887665585&output=html&h=600&slotname=0303354662&adk=1687073823&adf=3350072415&pi=t.ma~as.0303354662&w=209&fwrn=4&fwrnh=100&lmt=1634172166&rafmt=1&psa=0&format=209x600&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634172166692&bpp=8&bdt=754&idt=92&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6527124336681&frm=20&pv=2&ga_vid=1659286404.1634172167&ga_sid=1634172167&ga_hid=1760310160&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1177&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C31062525&oid=2&pvsid=4486012864482736&pem=128&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ma9VaKlwFf&p=https%3A//secure.whatsthatcharge.com&dtd=111

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 14 Oct 2021 00:00:15 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2552
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame E32A 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 13:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39364
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 14 Oct 2021 13:46:43 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E32A 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 13:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39358
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 14 Oct 2021 13:46:49 GMT
HYPE-734.thin.min.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/ Frame E32A 		55 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/HYPE-734.thin.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5b8a09f98fe3daed619464cbd428f1c43dd42241ca261bb03e726abcd3e9080
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
29576
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24438
x-xss-protection
0
last-modified
Wed, 07 Jul 2021 16:15:13 GMT
server
sffe
date
Wed, 13 Oct 2021 16:29:51 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Oct 2022 16:29:51 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5009
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
144 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0908030887665585&output=html&h=600&slotname=0303354662&adk=1687073823&adf=3350072415&pi=t.ma~as.0303354662&w=209&fwrn=4&fwrnh=100&lmt=1634172166&rafmt=1&psa=0&format=209x600&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634172166692&bpp=8&bdt=754&idt=92&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6527124336681&frm=20&pv=2&ga_vid=1659286404.1634172167&ga_sid=1634172167&ga_hid=1760310160&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1177&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C31062525&oid=2&pvsid=4486012864482736&pem=128&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ma9VaKlwFf&p=https%3A//secure.whatsthatcharge.com&dtd=111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmCC6sBG9QhLwUKNi6TLHrHnd-iitdDXDJXIJUwBvyEUm9qL0JJp-bXX5P4F6k
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 14 Oct 2021 00:42:47 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 14-Oct-2021 01:42:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 14 Oct 2021 00:42:47 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 14 Oct 2021 00:42:47 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 6D71 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02c0b81f092442909699ebc17bc84387fc2b26014005f6eca5647a5ea96a6d6c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
mynd13.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/ Frame E32A 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/mynd13.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bbd91713978869a649486d2d6e717f117a1d1511aab4e7cdff263f3a881f05f8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
29575
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20589
x-xss-protection
0
last-modified
Wed, 07 Jul 2021 16:15:13 GMT
server
sffe
date
Wed, 13 Oct 2021 16:29:52 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Oct 2022 16:29:52 GMT
mynd15.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/ Frame E32A 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/mynd15.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
121247c9e82357507c1caa7122dab3f6906e271d2146333a144e544b02f8e9b0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
29575
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35861
x-xss-protection
0
last-modified
Wed, 07 Jul 2021 16:15:13 GMT
server
sffe
date
Wed, 13 Oct 2021 16:29:52 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Oct 2022 16:29:52 GMT
frame-open.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/ Frame E32A 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/frame-open.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0908030887665585&output=html&h=600&slotname=0303354662&adk=1687073823&adf=3350072415&pi=t.ma~as.0303354662&w=209&fwrn=4&fwrnh=100&lmt=1634172166&rafmt=1&psa=0&format=209x600&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634172166692&bpp=8&bdt=754&idt=92&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6527124336681&frm=20&pv=2&ga_vid=1659286404.1634172167&ga_sid=1634172167&ga_hid=1760310160&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1177&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C31062525&oid=2&pvsid=4486012864482736&pem=128&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ma9VaKlwFf&p=https%3A//secure.whatsthatcharge.com&dtd=111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a663a39c977af36f21baa6eb35be48d813e926ba596fe0841827451959a003a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
29575
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2066
x-xss-protection
0
last-modified
Wed, 07 Jul 2021 16:15:13 GMT
server
sffe
date
Wed, 13 Oct 2021 16:29:52 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Oct 2022 16:29:52 GMT
line.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/ Frame E32A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/line.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0908030887665585&output=html&h=600&slotname=0303354662&adk=1687073823&adf=3350072415&pi=t.ma~as.0303354662&w=209&fwrn=4&fwrnh=100&lmt=1634172166&rafmt=1&psa=0&format=209x600&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634172166692&bpp=8&bdt=754&idt=92&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6527124336681&frm=20&pv=2&ga_vid=1659286404.1634172167&ga_sid=1634172167&ga_hid=1760310160&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1177&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C31062525&oid=2&pvsid=4486012864482736&pem=128&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ma9VaKlwFf&p=https%3A//secure.whatsthatcharge.com&dtd=111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ffd68eedd6abc57f6084d6af04637e4b7def9f0f09cb2c92032842a9cdc7002
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
29575
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1134
x-xss-protection
0
last-modified
Wed, 07 Jul 2021 16:15:13 GMT
server
sffe
date
Wed, 13 Oct 2021 16:29:52 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Oct 2022 16:29:52 GMT
Re.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/ Frame E32A 		6 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/Re.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0908030887665585&output=html&h=600&slotname=0303354662&adk=1687073823&adf=3350072415&pi=t.ma~as.0303354662&w=209&fwrn=4&fwrnh=100&lmt=1634172166&rafmt=1&psa=0&format=209x600&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634172166692&bpp=8&bdt=754&idt=92&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6527124336681&frm=20&pv=2&ga_vid=1659286404.1634172167&ga_sid=1634172167&ga_hid=1760310160&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1177&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C31062525&oid=2&pvsid=4486012864482736&pem=128&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ma9VaKlwFf&p=https%3A//secure.whatsthatcharge.com&dtd=111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2df1594ab0699dcb1279f37850f6638f3d6fd5ea74aa601b3fdfd877e6c7c6bc
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
29575
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4538
x-xss-protection
0
last-modified
Wed, 07 Jul 2021 16:15:13 GMT
server
sffe
date
Wed, 13 Oct 2021 16:29:52 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Oct 2022 16:29:52 GMT
Reykjavik.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/ Frame E32A 		12 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/Reykjavik.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0908030887665585&output=html&h=600&slotname=0303354662&adk=1687073823&adf=3350072415&pi=t.ma~as.0303354662&w=209&fwrn=4&fwrnh=100&lmt=1634172166&rafmt=1&psa=0&format=209x600&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634172166692&bpp=8&bdt=754&idt=92&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6527124336681&frm=20&pv=2&ga_vid=1659286404.1634172167&ga_sid=1634172167&ga_hid=1760310160&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1177&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C31062525&oid=2&pvsid=4486012864482736&pem=128&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ma9VaKlwFf&p=https%3A//secure.whatsthatcharge.com&dtd=111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69da10e42eca0c18a266771b7a624f9ccf012df16c94020f8b60b2b7652a4cf9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
29575
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8200
x-xss-protection
0
last-modified
Wed, 07 Jul 2021 16:15:13 GMT
server
sffe
date
Wed, 13 Oct 2021 16:29:52 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Oct 2022 16:29:52 GMT
Restart.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/ Frame E32A 		9 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/Restart.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0908030887665585&output=html&h=600&slotname=0303354662&adk=1687073823&adf=3350072415&pi=t.ma~as.0303354662&w=209&fwrn=4&fwrnh=100&lmt=1634172166&rafmt=1&psa=0&format=209x600&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634172166692&bpp=8&bdt=754&idt=92&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6527124336681&frm=20&pv=2&ga_vid=1659286404.1634172167&ga_sid=1634172167&ga_hid=1760310160&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1177&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C31062525&oid=2&pvsid=4486012864482736&pem=128&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ma9VaKlwFf&p=https%3A//secure.whatsthatcharge.com&dtd=111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18fda55e44fecb5858e6dd173bab9ff38013d041447b3f48cf0ea3057649f42a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
29575
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6094
x-xss-protection
0
last-modified
Wed, 07 Jul 2021 16:15:13 GMT
server
sffe
date
Wed, 13 Oct 2021 16:29:52 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Oct 2022 16:29:52 GMT
your-travels.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/ Frame E32A 		11 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/your-travels.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0908030887665585&output=html&h=600&slotname=0303354662&adk=1687073823&adf=3350072415&pi=t.ma~as.0303354662&w=209&fwrn=4&fwrnh=100&lmt=1634172166&rafmt=1&psa=0&format=209x600&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634172166692&bpp=8&bdt=754&idt=92&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6527124336681&frm=20&pv=2&ga_vid=1659286404.1634172167&ga_sid=1634172167&ga_hid=1760310160&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1177&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C31062525&oid=2&pvsid=4486012864482736&pem=128&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ma9VaKlwFf&p=https%3A//secure.whatsthatcharge.com&dtd=111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24b35b82c34b20c9a5a4ab72b0e8cf5362c0b2dce8f1356fe9b90cff8eaa2a5c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
29575
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6574
x-xss-protection
0
last-modified
Wed, 07 Jul 2021 16:15:13 GMT
server
sffe
date
Wed, 13 Oct 2021 16:29:52 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Oct 2022 16:29:52 GMT
logo-Reykjavik.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/ Frame E32A 		13 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/logo-Reykjavik.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0908030887665585&output=html&h=600&slotname=0303354662&adk=1687073823&adf=3350072415&pi=t.ma~as.0303354662&w=209&fwrn=4&fwrnh=100&lmt=1634172166&rafmt=1&psa=0&format=209x600&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634172166692&bpp=8&bdt=754&idt=92&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6527124336681&frm=20&pv=2&ga_vid=1659286404.1634172167&ga_sid=1634172167&ga_hid=1760310160&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1177&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C31062525&oid=2&pvsid=4486012864482736&pem=128&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ma9VaKlwFf&p=https%3A//secure.whatsthatcharge.com&dtd=111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a9088b5575e68c3d2308cfb1f7d8cb9334968e40f6a4bfbb43ade47f325dd15
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
29575
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8119
x-xss-protection
0
last-modified
Wed, 07 Jul 2021 16:15:13 GMT
server
sffe
date
Wed, 13 Oct 2021 16:29:52 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Oct 2022 16:29:52 GMT
btn-here.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/ Frame E32A 		2 KB
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11323580231088579027/btn-here.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0908030887665585&output=html&h=600&slotname=0303354662&adk=1687073823&adf=3350072415&pi=t.ma~as.0303354662&w=209&fwrn=4&fwrnh=100&lmt=1634172166&rafmt=1&psa=0&format=209x600&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634172166692&bpp=8&bdt=754&idt=92&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6527124336681&frm=20&pv=2&ga_vid=1659286404.1634172167&ga_sid=1634172167&ga_hid=1760310160&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1177&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C31062525&oid=2&pvsid=4486012864482736&pem=128&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ma9VaKlwFf&p=https%3A//secure.whatsthatcharge.com&dtd=111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dfefa3ce20d3619d2b31d939ac45b506c31289033b56aab1a7e49e58c75221aa
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
29575
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
737
x-xss-protection
0
last-modified
Wed, 07 Jul 2021 16:15:13 GMT
server
sffe
date
Wed, 13 Oct 2021 16:29:52 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Oct 2022 16:29:52 GMT
nr-1210.min.js
js-agent.newrelic.com/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1210.min.js
Requested by
Host: secure.whatsthatcharge.com
URL: https://secure.whatsthatcharge.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding
gzip
etag
"67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id
VW8CCHGKR4ZK6Z03
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
11781
x-amz-id-2
MncX4xvX6G/3ZCVU9xhgX1JCQw12l3nC4XnJi5uFxOrjvkq6VeBL/9/vLuSPh4OyPAeJ00ESZNY=
x-served-by
cache-fra19152-FRA
last-modified
Tue, 22 Jun 2021 22:47:07 GMT
server
AmazonS3
x-timer
S1634172168.605853,VS0,VE0
date
Thu, 14 Oct 2021 00:42:47 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1274
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211011&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0908030887665585&plah=secure.whatsthatcharge.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b86014ed356b82c9c5ceed7833a95443a88258d8619c84240690bcea72036eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 00:42:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8598
x-xss-protection
0
EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js
pagead2.googlesyndication.com/bg/ Frame E32A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
128172a37ccaab59a4833bd87fd1c9dd6f4385b594c049ff9cccda330e313ba0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 21:26:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
11749
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13303
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 13 Oct 2022 21:26:58 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0908030887665585&plah=secure.whatsthatcharge.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 00:42:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 14 Oct 2021 00:42:47 GMT
8a15b6e7db
bam.nr-data.net/1/ 		57 B
322 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/8a15b6e7db?a=3952448&v=1210.e2a3f80&to=Il5cQUFWVF9URU5aXAxUHVxdXV1L&rst=2146&ck=1&ref=https://secure.whatsthatcharge.com/&qt=2&ap=47&be=408&fe=2029&dc=1094&perf=%7B%22timing%22:%7B%22of%22:1634172165549,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:12,%22c%22:12,%22s%22:13,%22ce%22:227,%22rq%22:227,%22rp%22:386,%22rpe%22:389,%22dl%22:388,%22di%22:1094,%22ds%22:1094,%22de%22:1100,%22dc%22:2029,%22l%22:2029,%22le%22:2031%7D,%22navigation%22:%7B%7D%7D&fp=1121&fcp=1121&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Cross-Origin-Resource-Policy
cross-origin
Content-Type
text/javascript;charset=iso-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 93BD 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.whatsthatcharge.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Wed, 13 Oct 2021 19:06:00 GMT
expires
Thu, 13 Oct 2022 19:06:00 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
20207
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 5993 		783 B
1003 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d64d0f8d600f1497b47b37a81a8a18a0e4de0cd4bfc289e664ac7811b836b5fa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3LGLL6kAO+WNxlZ4gX8AOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.whatsthatcharge.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 14 Oct 2021 00:42:47 GMT
date
Thu, 14 Oct 2021 00:42:47 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-3LGLL6kAO+WNxlZ4gX8AOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js
pagead2.googlesyndication.com/bg/ Frame 93BD 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EoFyo3zKq1mkgzvYf9HJ3W9DhbWUwEn_nMzaMw4xO6A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
128172a37ccaab59a4833bd87fd1c9dd6f4385b594c049ff9cccda330e313ba0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 21:26:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
11749
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13303
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 13 Oct 2022 21:26:58 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5993 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211011&jk=4486012864482736&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211011&jk=4486012864482736&bg=!MjGlMXXNAAbGFvHlxhY7ACkAdvg8WqQGaWghNefpy8G9KDIB_izR0orfD7O77pfcsuvGiTkaEDDM8QIAAACJUgAAAAxoAQeZAq31p5bYDNEY4ydwLDG-M5rGMGfUu2s4Bnba4qB3kJjhN_JDiEfBaf8453Ce7AobIFk6j4yxixRBcpyy9U8lB-btTdSJFsRvLeu_JeubuwavWt5WsGFzlJJMat5g99K5stE4v2c-UgflP2ROCB2IZa1fhbMsPUe28kz88ipZ92AUYL8EuEH32DVm1UiMrYJkOwLES8-SVYBOBBuTZy--w4tnZkPN0vaV0lu9VLuY1jFsRWbjs_FeoiPN6ZKd6htaq3JPCiC72dt4eMFGXIZJs-ZN8Ndz7BGYuWBd7Oigb7EG5yJiBkrApKhF3WaqZf2vgm7KpYjSkbvxmfw5mwSmC1fQJDrxLWHBtv91dLCvmpkQpS8MT-_RXCdkcbu6dhREih8kp1xIVsj7jljURve2597DEXFpEwJiwS_4KuttznsLe5pHamchUVHf9lKXG5Uwz9YIpCL_yzRyN1W2jzChQGvI2C0QoVZGJ1hvYfwVr5r1xOlWkgMfigL2pFH-_RWzqUW2BkjN3la119x6PrHEbF24oyjtSeLZda1LTW-MZ5ubYulQf8OyE9twd-Ji08NWkVBvNq4fJEIh1rc-ndN7tbQlTLmCbfuax9pDBqCtr3mOSolltBNv8P3Vr7gqvJhnTUuZWx-ft_Wbqhs2wwqpExEAl6nlXHF8pFA2XCysNCfiIqJ7sQx8o610b3iDSeGn6tuGeXNVzB70BZVL_Im_ZbCRhHh418v___ovL53tPJ6JAABgb7n_L1F6ZsmyoA-JNHR-6HlgS9cKNIi3-zbmLzMhoaxQTVXB6LpqUbZ5s5VzOKTp83-YgIViO7a0yo59v8RwVhif4LJRQIzvrrZoLx3N-MCiGc-LnYmWKsWIqsekaF6qdrq-VsfDPVby2RQas9lKQbDLn8Rp81VJVQ3G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure.whatsthatcharge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 00:42:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 6D71 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CIBtPBn1nYZaSMoOLjuwP1oir4AOMrqDRZa_Wnp__DbCQHxABIKDulR1glfrwgYwHyAEJqQJUtRUXrHOzPqgDAaoE5AFP0EpRmSLbCK_gCTxMSqf7e3EmKInoqMEAJLg4YHDflQvqec8gcl9PC3snqIVMRTdlEtN0gln3qqqw9hlXKgIBKfMav_9o_PxsQh6i84-ot12kzEPFempgxJLZ9VDE26NuAUibLbmlYXIBA9yKWy8AWfdUz18h10HE2PGSWA4zwLZbcLLJ7PS0LpOmeMBOaUQZ7_WdQil0cHT8o7QgZAnkkYol3Qql-jGcJedsyJf19O4MToNrF4adGwfRlB5ilwVoA4JtQDAJLNq38XB2pAtK5ilTVzkx8BNJC9XHYXzNdd5Dr2_ABKCx2NHlA6AGLoAHz8PmqgKoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcA8gcEEMKNXNIICQiA4YAQEAEYX4AKAcgLAdgTA9AVAYAXAbIXHAoaCAASFHB1Yi0wOTA4MDMwODg3NjY1NTg1GAA&sigh=jK-SQzu103Y&vt=1&template_id=419&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0908030887665585&output=html&h=600&slotname=0303354662&adk=1687073823&adf=3350072415&pi=t.ma~as.0303354662&w=209&fwrn=4&fwrnh=100&lmt=1634172166&rafmt=1&psa=0&format=209x600&url=https%3A%2F%2Fsecure.whatsthatcharge.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634172166692&bpp=8&bdt=754&idt=92&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6527124336681&frm=20&pv=2&ga_vid=1659286404.1634172167&ga_sid=1634172167&ga_hid=1760310160&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1177&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725%2C31062525&oid=2&pvsid=4486012864482736&pem=128&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ma9VaKlwFf&p=https%3A//secure.whatsthatcharge.com&dtd=111
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 14 Oct 2021 00:42:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 6D71 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJsdw1zWb_AanhHiZ17XwkrAqXQyAC05ray-EeUPXh-6zVYeL2_pxxknk___na7zsC1nI_Mm_Z6tMJ3g7LXEGB4MPkHXSuMm-E0zaj&sai=AMfl-YQB3AoQzoF7KS6NrMe0mrl5k3FuFrP9MCX7gvT3Vuf1xjuQke7bBPXd28Jywv6vHDL86KvlbdQRZfxW&sig=Cg0ArKJSzGT1Iy2284YZEAE&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211011&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1687073823&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634172167381&rpt=141&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 00:42:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect boolean| originAgentCluster object| NREUM object| newrelic function| __nr_require object| ua function| domReady object| cssHelper function| Init function| SortAndRemoveDuplicates function| MakeUppercase function| NewPostSubmitted function| getParameterByName function| updateReportBody function| $ function| jQuery object| jQuery112404660851858000883 object| adsbygoogle string| GoogleAnalyticsObject function| ga object| _gaq function| trackOutboundLink object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing boolean| google_plmetrics object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_persistent_state_async string| google_user_agent_client_hint object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _gat function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| GoogleGcLKhOms object| google_image_requests

13 Cookies

Domain/Path Name / Value
secure.whatsthatcharge.com/ Name: _WhatsThatCharge_session
Value: dWVMb05Ea1NPNkNybTRMbTBwdEJObXlmeng5RlgzWTBFVHYyQmVaLzZkQWhKYmdubHFGdHhCSWVNeXdXdU9nVFA3b1UxSEd4eUZCQjhObmo2bVZzMVlWVFpTZ2pXNmp5NGJTM2RrRkpTS0xWTEdFRTlTMkdJRTRzQzdZVWxCTDRYU3J0eGk1Sy8xcVlyamZ1YW1aMk16SDh6YjBtR3NkWmtFbS9KcnNvWE5KeHBJZ2VFb2kwQlRlaXdYOExVQ3BSLS0xb29ETHlhcmZ4MWtFS0lXVzgxU1lRPT0%3D--1ae35b05da7982d0f3c8e3985f1e10b007807c32
.whatsthatcharge.com/ Name: _ga
Value: GA1.2.1659286404.1634172167
.whatsthatcharge.com/ Name: _gid
Value: GA1.2.1117199508.1634172167
.whatsthatcharge.com/ Name: _gat
Value: 1
.secure.whatsthatcharge.com/ Name: __utma
Value: 29181118.1659286404.1634172167.1634172167.1634172167.1
.secure.whatsthatcharge.com/ Name: __utmc
Value: 29181118
.secure.whatsthatcharge.com/ Name: __utmz
Value: 29181118.1634172167.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.secure.whatsthatcharge.com/ Name: __utmt
Value: 1
.secure.whatsthatcharge.com/ Name: __utmb
Value: 29181118.1.10.1634172167
.whatsthatcharge.com/ Name: __gads
Value: ID=45a4c7896614b3c0-2281cc21f3ca0091:T=1634172166:RT=1634172166:S=ALNI_MZRDqchWIxBKLQw1dV08gF4cEc2zQ
.doubleclick.net/ Name: IDE
Value: AHWqTUmCC6sBG9QhLwUKNi6TLHrHnd-iitdDXDJXIJUwBvyEUm9qL0JJp-bXX5P4F6k
.doubleclick.net/ Name: DSID
Value: NO_DATA
.nr-data.net/ Name: JSESSIONID
Value: d96c41e070f5e72d

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bam.nr-data.net
googleads.g.doubleclick.net
js-agent.newrelic.com
pagead2.googlesyndication.com
partner.googleadservices.com
secure.whatsthatcharge.com
ssl.google-analytics.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
142.250.184.226
151.101.2.137
162.247.242.19
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2008
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
34.206.86.54
02c0b81f092442909699ebc17bc84387fc2b26014005f6eca5647a5ea96a6d6c
09da582b3b428a285ad19e62d5e6a28250f2ca784f0d970062e22a64769efc0a
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
121247c9e82357507c1caa7122dab3f6906e271d2146333a144e544b02f8e9b0
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
128172a37ccaab59a4833bd87fd1c9dd6f4385b594c049ff9cccda330e313ba0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18fda55e44fecb5858e6dd173bab9ff38013d041447b3f48cf0ea3057649f42a
1a663a39c977af36f21baa6eb35be48d813e926ba596fe0841827451959a003a
20c762b21188b039d3d29d0b762778c655034b7453ea1546b370ca35e7c07ac4
24b35b82c34b20c9a5a4ab72b0e8cf5362c0b2dce8f1356fe9b90cff8eaa2a5c
2a4617686d53812d3f06b891e5edc0cf5b7f289bfd57be08e123a3845efcdcd6
2df1594ab0699dcb1279f37850f6638f3d6fd5ea74aa601b3fdfd877e6c7c6bc
2e0a6dad7dab750f88e76086b169c956a0087a8858d55197bc857ed9873a315d
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
3a9088b5575e68c3d2308cfb1f7d8cb9334968e40f6a4bfbb43ade47f325dd15
3c6a08f2c1fb01fe037ab9f85551e96be46c1206a2cf776174690773621d7e0c
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
573287fc0eb98afab109ca0a8eca9da420422e68356f1c7b9c8a0d62905607e0
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
5dab2b018dc3eb1a7f0fd91b664682509390ca953f4f63ca4b3d9013616aa761
60eddd1a150db3e4be1c3e60b92fb5a0695f7f92cfd369ca13795d46836819ab
67b5db936c6c9b1069e4520a85a97ac481a7ce818f89d7fcb4c187533c408128
69da10e42eca0c18a266771b7a624f9ccf012df16c94020f8b60b2b7652a4cf9
7ffd68eedd6abc57f6084d6af04637e4b7def9f0f09cb2c92032842a9cdc7002
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a5e5884b22897a302f58e6c646b83ce28ad7424354eb016eae2c9db92ba85b1
8de6476905ab95aa152b819762f1a2a1e3b91c0909d7476581428f5db25b86fd
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b8a09f98fe3daed619464cbd428f1c43dd42241ca261bb03e726abcd3e9080
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
af6ddb33b04df002ef9a9e9f65ea9494469353953fc02cf16cfdfc7838ede869
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
b86014ed356b82c9c5ceed7833a95443a88258d8619c84240690bcea72036eeb
bbd91713978869a649486d2d6e717f117a1d1511aab4e7cdff263f3a881f05f8
bce52636c950ed185642a56bf86230b16f226fafba9a62189a7402a479f65334
c316a07b0426e0dc3cba1d7bd707941893ddd5a46732f4dfdb4787ec54f657ec
d64d0f8d600f1497b47b37a81a8a18a0e4de0cd4bfc289e664ac7811b836b5fa
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
dd346bd43b9b906e685f7a8eb0962970f5b54043259bbcceb5e57edb2b448b00
dfefa3ce20d3619d2b31d939ac45b506c31289033b56aab1a7e49e58c75221aa
e0ce2a53aea3cc7fcb4ef50990199f89d13a209ec5fcbd9639d09902694db867
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e526a99f44195ef6627a86dbfab7a939d8399d3d175c940a5b703fe1364a7bae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f71f02d894708786a2d03b71b719d7983f45333226a0d2fa62659c9642dc05
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f6fab96005f5f6817b6426c196c75a2378dc954dca1b596d96d22d8a3943cbf6
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fdd61f148d690dba5860478ea1cc0a665b288c216476965fcba4b72439296a2b