careconnect.kr Open in urlscan Pro
118.67.131.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://careconnect.kr/
Submission: On February 25 via api (February 25th 2024, 8:00:06 am UTC) from IN — Scanned from DE

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 10 domains to perform 43 HTTP transactions. The main IP is 118.67.131.217, located in Korea, Republic Of and belongs to NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD., SG. The main domain is careconnect.kr.

This is the only time careconnect.kr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	118.67.131.217 118.67.131.217	135354 (NBPAP-AS-...) (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD.)
1 3	27.96.134.25 27.96.134.25	135354 (NBPAP-AS-...) (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD.)
11	220.230.126.70 220.230.126.70	23576 (NHN-AS-KR...) (NHN-AS-KR NAVER Cloud Corp.)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::a 2a02:2638:3::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638:3::c 2a02:2638:3::c	() ()
8	2a00:1450:400... 2a00:1450:4001:829::2001	() ()
1 2	2a00:1450:400... 2a00:1450:4001:813::2004	() ()
2	142.250.186.162 142.250.186.162	() ()
43	14

1 118.67.131.217 (Korea, Republic Of)

ASN135354 (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD., SG)

careconnect.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 27.96.134.25 (Korea, Republic Of) 1 redirects

ASN135354 (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD., SG)

yesnic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 220.230.126.70 (Korea, Republic Of)

ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR)

www.yesnic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cas.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (None, ) 1 redirects

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2001 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (None, ) 1 redirects

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (None, )

ASN- ()

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 106 tpc.googlesyndication.com	347 KB
14	yesnic.com 1 redirects yesnic.com www.yesnic.com	540 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	43 KB
4	criteo.com 1 redirects cas.criteo.com — Cisco Umbrella Rank: 19894 gum.criteo.com mug.criteo.com	8 KB
2	googleadservices.com www.googleadservices.com
2	google.com 1 redirects www.google.com	1 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 306	1 MB
1	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 590	17 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 686	41 KB
1	careconnect.kr careconnect.kr	736 B
43	10

	Domain	Requested by
11	www.yesnic.com	careconnect.kr www.yesnic.com
8	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	pagead2.googlesyndication.com	www.yesnic.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
5	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
3	yesnic.com	1 redirects www.yesnic.com
2	www.googleadservices.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	cdn.jsdelivr.net	www.yesnic.com
1	mug.criteo.com	www.yesnic.com
1	cas.criteo.com	static.criteo.net
1	ssl.google-analytics.com	www.yesnic.com
1	static.criteo.net	www.yesnic.com
1	careconnect.kr
43	14

This site contains no links.

Subject Issuer	Validity	Valid
domain.whois.co.kr Sectigo RSA Organization Validation Secure Server CA	`2023-10-16` - `2024-11-13`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 9 frames:

Primary Page: http://careconnect.kr/
Frame ID: 3590FF96AC59D6EFB71F56034780A680
Requests: 1 HTTP requests in this frame

Frame: https://www.yesnic.com/?_task=fp&_action=basic
Frame ID: 163978F68F725CE0A974AF1817975578
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_fy2021.html
Frame ID: 7A8313005F2540F783CE18B0D881BF05
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=careconnect.kr
Frame ID: 952FFEA8D187447131AD3CF1B1E9F648
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4007715589170015&output=html&h=90&slotname=2162713512&adk=1572267553&adf=3776779711&pi=t.ma~as.2162713512&w=728&lmt=1708848005&format=728x90&url=https%3A%2F%2Fwww.yesnic.com%2F%3F_task%3Dfp%26_action%3Dbasic&wgl=1&dt=1708848005362&bpp=2&bdt=1579&idt=211&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&correlator=3032373364481&frm=22&ife=1&pv=2&ga_vid=1934301077.1708848006&ga_sid=1708848006&ga_hid=1132055074&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2991944913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31081153%2C31081318%2C95322746%2C95325069%2C31081331%2C95322195%2C95320868%2C95324155%2C95324160%2C95325792&oid=2&pvsid=1712839639805100&tmod=1843187517&uas=0&nvt=1&top=http%3A%2F%2Fcareconnect.kr%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ok6c4vber1hn&fsb=1&dtd=221
Frame ID: D92330D99BFA8F81386A21C5D764A956
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E993806840EFB0D6E4B26FBFC400502B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/44PM6F2LRizIL4ladRBx-1I5j3QE7-ThjqUhbEZlLBc.js
Frame ID: 70ED51513A6282032EB39DD48996015D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9991C28331337D714ACFBD0823E1C2B8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CDBAC96271E247BCAEA6741881B36707
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//(?:cas\.criteo\.com|(?:[^/]\.)?criteo\.net)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

43
Requests

93 %
HTTPS

69 %
IPv6

10
Domains

14
Subdomains

14
IPs

4
Countries

2141 kB
Transfer

2957 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://yesnic.com/?_task=fp&_action=basic HTTP 301
https://www.yesnic.com/?_task=fp&_action=basic

Request Chain 22

https://gum.criteo.com/sid/json?origin=publishertag&domain=www.yesnic.com&sn=ChromeSyncframe&so=0&topUrl=careconnect.kr&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=uDCw_HxNREVWVTdUaVlNdUpwVDRsdUZuRW4vUStsaXFoZHcxV1EzZDBDOHhnck5wY0ZEaC9wWS9WNWFDUVVRT0R1K29DYkgwYVJTWWZkMHdHZjVvTzk5Y0ZQWURodXFwdTZPTEZLNUQ4cURweUZuMFpJajA2ZXNDeGNkcnNzckhOU3ZWU0VKS0QyM3BWajBLRnQzMlJHNXIxc0dMYWNNZGJHUmtWb2FRckowbzdjY2xVd3A0Sk1lVzNnZ0pWbEJjL2dtQnVNUzNpZ2FWZ0NtVlo3NUtJZFoveVlWZzI0Y0p2MXU2K21rS1ppb2ZRVkFCVS96N1FqeUdvS1B6RXo5a1J4M28vUlZsSmtiM0pnLzU3bWpyUE5vMUZVNnZpN0FnMGVaYWZwWXZ0SFU3SzJNOGV6NU80V2Q2VzRQZTdFV2VJY0I1eXw&cppv=2

Request Chain 31

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 33

https://googleads.g.doubleclick.net/pagead/adview?ai=CUvVPhfPaZYDZKYjG1fAPquWL2AvDoO6Ddoqc3f3TEuiqtpWLAxABINar1xtgleKQgqAHoAHmoPjQAsgBAqgDAcgDyQSqBM4BT9DhIfYpVWuf31y5u5wtnu3YJ9Bn3TToKbwgfJkgmQ6N_BWPwamWl1IEmGJIvxJdZF-NusQcf8FWzmox32lcBWqJUQm_8uwQsIz5Q1aL1yRO2vnBxhdoNSp5LqTj73RNug6ATdPNkertN220hgJpaElFmmdtMl1_Y7l1wSS7zSD4cj4fOD4Ogq6uHWDk5p2iXOBPoy1AfPbnxNYe0FasVaLIa6WruEI0U3IumGcn5j47h5RxKv3WZb6aJnoYNpQTFHaBgSgTZ6YheZlt34jABK2sk5DFBIgF7p_Zq0ySBQQIBBgBkgUECAUYBKAGAoAHgt-HrwGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAfIHBBCe5QPSCCYIgOGAEBABGB8yAqoCOgmAQICAhICAlAhIvf3BOlinyunygsaEA5oJM2h0dHBzOi8vZ2V0ZWFzeXBkZi5jb20vcGRmL2xwND90eXBlPXZpZXdwZGYmbGFuZz1kZYAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi00MDA3NzE1NTg5MTcwMDE1GAA&sigh=WTn2cScz14M&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_mRppIM1Yx0Y3CpzyIwksbmfrjawDWaVpip0-CZC2Rx9eBUhIrObA2x80tjDSSnK9V8hLurJU3_BqtjUTbIp7MtaYDaBksUjcdhgB&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229114958873474853560%22,%22debug_reporting%22:true,%22destination%22:%22https://geteasypdf.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22706613350%22],%2222%22:[%22true%22],%224%22:[%2202-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229836113735590129153%22}&andc=true

43 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
careconnect.kr/ 480 B
736 B 1123ms
252ms Document
text/html 118.67.131.217
NBPAP-AS-AP NAVER...

General

Check archive.org

Show headers Download Go to

Full URL: http://careconnect.kr/
Protocol: HTTP/1.1
Server: 118.67.131.217 , Korea, Republic Of, ASN135354 (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: 98a1e2b916326a471dff04d4141dbdbcac0ffd60ed35b7e151c02086f8728f51

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 0
Connection: keep-alive
Content-Length: 480
Content-Type: text/html; charset=euc-kr
Date: Sun, 25 Feb 2024 08:00:01 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR DELa BUS IND PHY ONL UNI COM NAV INT DEM PRE"

GET
H/1.1

200
OK

/ Show response
www.yesnic.com/ Frame 1639
Redirect Chain

http://yesnic.com/?_task=fp&_action=basic
https://www.yesnic.com/?_task=fp&_action=basic

12 KB
12 KB

1297ms
282ms

Document
text/html

220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/?_task=fp&_action=basic
Requested by: Host: careconnect.kr
URL: http://careconnect.kr/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: aa52fb580ea0b0900e2036c56461d882454886090e549597deb8e0bd6cd79cb0

Request headers

Referer: http://careconnect.kr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 25 Feb 2024 08:00:03 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15, max=100
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Connection: Keep-Alive
Content-Length: 258
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 25 Feb 2024 08:00:02 GMT
Keep-Alive: timeout=15, max=100
Location: https://www.yesnic.com/?_task=fp&_action=basic
Server: Apache

GET
H/1.1 200
OK style_forward_2021.css
www.yesnic.com/templates/yesnic/css/ Frame 1639 13 KB
13 KB 255ms
254ms Stylesheet
text/css 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/templates/yesnic/css/style_forward_2021.css?202322
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 2e29d0afff05c98cb69b48a77d024a51ebb85c48a89cb99c4253ef1efce5709d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 08:00:04 GMT
Last-Modified: Wed, 14 Feb 2024 00:17:28 GMT
Server: Apache
ETag: "3297-6114c6fa92604"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 12951

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
www.yesnic.com/js/ Frame 1639 94 KB
94 KB 243ms
242ms Script
application/javascript 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/js/jquery-1.11.3.min.js
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 08:00:04 GMT
Last-Modified: Tue, 03 Jan 2023 04:15:18 GMT
Server: Apache
ETag: "176d5-5f15450c7318a"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 95957

GET
H/1.1 200
OK common.js Show response
www.yesnic.com/js/ Frame 1639 54 KB
55 KB 509ms
254ms Script
application/javascript 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/js/common.js
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: e1dd6d68e00d98fe5bfbc6b196ff6b9538eb44dae9a7b386e9c4aea3e156d80e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 08:00:04 GMT
Last-Modified: Tue, 08 Aug 2023 05:13:18 GMT
Server: Apache
ETag: "d974-602626bc160b2"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 55668

GET
H/1.1 200
OK apps.js Show response
www.yesnic.com/js/ Frame 1639 2 KB
2 KB 720ms
240ms Script
application/javascript 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/js/apps.js
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 24fe66dfcc1e4089a66b758e679dd49b90b1c185851e35b30e73fd0ee6b542e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 08:00:04 GMT
Last-Modified: Tue, 03 Jan 2023 04:15:18 GMT
Server: Apache
ETag: "6f7-5f15450c7124a"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 1783

GET
H/1.1 200
OK parking_basic.js Show response
www.yesnic.com/js/ Frame 1639 2 KB
3 KB 726ms
242ms Script
application/javascript 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/js/parking_basic.js
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: b8f32ce5d6e08fad5854ae7bab81127ce5a0b3031f6a62b62700f77add7dfa86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 08:00:04 GMT
Last-Modified: Tue, 03 Jan 2023 04:15:18 GMT
Server: Apache
ETag: "98a-5f15450c74ce2"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 2442

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 1639 127 KB
41 KB 51ms
24ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f57ef0ba2787377eb267380c7fbee757dd07f645a1a31cac1f8931686ef45801

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 08:00:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 07 Feb 2024 07:37:39 GMT
server: nginx
etag: W/"65c33343-1fd8c"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 26 Feb 2024 08:00:04 GMT

GET
H/1.1 200
OK img_https.svg
yesnic.com/templates/yesnic/images/ Frame 1639 7 KB
7 KB 243ms
243ms Image
image/svg+xml 27.96.134.25
NBPAP-AS-AP NAVER...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yesnic.com/templates/yesnic/images/img_https.svg
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 27.96.134.25 , Korea, Republic Of, ASN135354 (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD., SG),
Reverse DNS
Software: Apache /
Resource Hash: b23bb9ed14289db8165b4f80b149835bcdc47b56fe59dd2d2c5ecb968a3a299f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 08:00:05 GMT
Last-Modified: Wed, 29 Mar 2023 02:50:38 GMT
Server: Apache
ETag: "1a2d-5f8010a7f4c2a"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 6701

GET
H/1.1 200
OK logo_y_n.svg
yesnic.com/templates/yesnic/images/ Frame 1639 7 KB
7 KB 973ms
242ms Image
image/svg+xml 27.96.134.25
NBPAP-AS-AP NAVER...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yesnic.com/templates/yesnic/images/logo_y_n.svg
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 27.96.134.25 , Korea, Republic Of, ASN135354 (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD., SG),
Reverse DNS
Software: Apache /
Resource Hash: 66a3fe092264c1ba162aad79ff1f4b645bde1d74a6d231f8d7689e021857282f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 08:00:04 GMT
Last-Modified: Tue, 03 Jan 2023 04:15:19 GMT
Server: Apache
ETag: "1ad3-5f15450d4e555"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 6867

GET
H/1.1 200
OK parking_mail_nc.png
www.yesnic.com/templates/yesnic/images/ Frame 1639 12 KB
12 KB 741ms
247ms Image
image/png 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yesnic.com/templates/yesnic/images/parking_mail_nc.png
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: b84cefa73073de242a7d90568b522924b3fc2694ac7dd44fc9d735f25d44d483

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 08:00:04 GMT
Last-Modified: Wed, 18 Jan 2023 00:23:34 GMT
Server: Apache
ETag: "3032-5f27ed3a67ae3"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 12338

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1639 146 KB
51 KB 177ms
53ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68969356d48f69a33307e2f11a3350de565885b414b12cc4e24225f722b285cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 08:00:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51206
x-xss-protection: 0
server: cafe
etag: 6989210680288190075
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 25 Feb 2024 08:00:05 GMT

GET
H/1.1 200
OK bulk_check_domain_types_utf.php Show response
www.yesnic.com/js/ Frame 1639 8 KB
8 KB 267ms
267ms Script
text/html 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/js/bulk_check_domain_types_utf.php
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/js/common.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 361a1d7c503a633f9355904b3aab26eeda17c9d659eccc7e061cdf4ca1ab8066

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 08:00:05 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=15, max=97
Content-Length: 7772
Content-Type: text/html; charset=UTF-8

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ Frame 1639 45 KB
17 KB 98ms
6ms Script
text/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Feb 2024 06:02:57 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 7028
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Sun, 25 Feb 2024 08:02:57 GMT

GET
H2 200 ajs.php Show response
cas.criteo.com/delivery/ Frame 1639 222 B
1013 B 107ms
16ms Script
text/javascript 2a02:2638:3::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://cas.criteo.com/delivery/ajs.php?ptv=150&zoneid=806582&cb=73698830493&nodis=1&charset=UTF-8&dc=2&loc=http%3A%2F%2Fcareconnect.kr

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

82042637dce2646f9b47a8ba7fef7dcb67da8fb67ee58319994ba1e322954b64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 08:00:05 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
p3p: CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3153753
pragma: no-cache
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ban_kr_event2306.png
www.yesnic.com/templates/yesnic/images/ Frame 1639 28 KB
29 KB 268ms
268ms Image
image/png 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yesnic.com/templates/yesnic/images/ban_kr_event2306.png
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/templates/yesnic/css/style_forward_2021.css?202322
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 3f54c548197c187e9b199b96e441a4a5abc0cd00417780b9bd415113c4cbafa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/templates/yesnic/css/style_forward_2021.css?202322
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 08:00:05 GMT
Last-Modified: Fri, 02 Jun 2023 01:44:20 GMT
Server: Apache
ETag: "70fe-5fd1bb1118a86"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=96
Content-Length: 28926

GET
H/1.1 200
OK icon_arrow3.png
www.yesnic.com/templates/yesnic/images/ Frame 1639 1 KB
2 KB 248ms
248ms Image
image/png 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yesnic.com/templates/yesnic/images/icon_arrow3.png
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/templates/yesnic/css/style_forward_2021.css?202322
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 1edeb8f7974a9cc4d5a16ea479ce777e92e51f5dcd9ad8cb477be8b6fa1cbfdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/templates/yesnic/css/style_forward_2021.css?202322
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 08:00:05 GMT
Last-Modified: Tue, 03 Jan 2023 04:15:18 GMT
Server: Apache
ETag: "5c9-5f15450d1572e"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 1481

GET
H/1.1 200
OK parking_mail_banner_bg3.png
www.yesnic.com/templates/yesnic/images/ Frame 1639 297 KB
297 KB 244ms
243ms Image
image/png 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yesnic.com/templates/yesnic/images/parking_mail_banner_bg3.png
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/templates/yesnic/css/style_forward_2021.css?202322
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: a4e82cf2d5503a0cfda85745596dec97fe721685a98a4bed44dc8388e0cdc1a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/templates/yesnic/css/style_forward_2021.css?202322
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sun, 25 Feb 2024 08:00:05 GMT
Last-Modified: Wed, 18 Jan 2023 00:23:34 GMT
Server: Apache
ETag: "4a43e-5f27ed3a5dea4"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 304190

GET
H2 200 GmarketSansMedium.woff
cdn.jsdelivr.net/gh/projectnoonnu/noonfonts_2001@1.1/ Frame 1639 596 KB
598 KB 102ms
19ms Font
font/woff 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/projectnoonnu/noonfonts_2001@1.1/GmarketSansMedium.woff

Requested by

Host: www.yesnic.com
URL: https://www.yesnic.com/templates/yesnic/css/style_forward_2021.css?202322

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

747b8386133b10bffede3cedeb994fc681ad9dc424879a248d7cadf6749b2f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.yesnic.com/
Origin: https://www.yesnic.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 08:00:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7525878
x-jsd-version: 1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 610480
x-served-by: cache-fra-etou8220027-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"950b0-lZxjrSk7X3rBZyjq4AMXERjnOE8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCHJ6Q%2BrJvQZpYTCcF801Ww4ABPZrFaEdgRMOSodBhpe9BK3ZMp5mzlQ9jKhaiMDAKpMQwtsrWSQ1qm%2FwTspjUd8lDdfUoho7PmLBHEfHZL3wsGUfVyDLEPuPB%2BDf084fPspVrAhQhFD41LLz2U%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85ae69a1efd119a0-FRA

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/ Frame 1639 408 KB
138 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4007715589170015&plah=www.yesnic.com&aplac=true&bust=31081331

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d868f1fc3212edd3a272e86552fbcef8f1a9ea4615f43ea8810f3d34223e84a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 08:00:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141468
x-xss-protection: 0
server: cafe
etag: 10763680478012303654
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 08:00:05 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/ Frame 7A83 9 KB
5 KB 28ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yesnic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 56336
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Feb 2024 16:21:09 GMT
etag: 3890843268177463596
expires: Sat, 09 Mar 2024 16:21:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 GmarketSansLight.woff
cdn.jsdelivr.net/gh/projectnoonnu/noonfonts_2001@1.1/ Frame 1639 547 KB
548 KB 19ms
17ms Font
font/woff 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/projectnoonnu/noonfonts_2001@1.1/GmarketSansLight.woff

Requested by

Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35dbd7fb0ee986ebaefae727cab6c12b35782ea1663e79f3db7f8f145ca5e82d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.yesnic.com/
Origin: https://www.yesnic.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 08:00:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8990713
x-jsd-version: 1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 559744
x-served-by: cache-fra-eddf8230028-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"88a80-9pAnPDJmyd70cVlA3j4DRVtXc+Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zE2pnq9%2FGdS1NTPUB05SQ%2BanBQeIzH9aM2aqN7mS%2FKaw02d%2F18DB%2BShXAfXTBl%2BYdyzsPYGZepEIRdsEBu0w%2FSeJFUBSt%2Fa42GyL1v5fY1XtBg17P62YJpREeq%2Bj17xmAOz2Nn2Eiv%2BgVJVwW%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85ae69a20ff519a0-FRA

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 952F 14 KB
6 KB 113ms
16ms Document
text/html 2a02:2638:3::c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=careconnect.kr

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.yesnic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 08:00:05 GMT
server: Kestrel
server-processing-duration-in-ticks: 1604319
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2

200

sid Show response
mug.criteo.com/ Frame 952F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=www.yesnic.com&sn=ChromeSyncframe&so=0&topUrl=careconnect.kr&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=uDCw_HxNREVWVTdUaVlNdUpwVDRsdUZuRW4vUStsaXFoZHcxV1EzZDBDOHhnck5wY0ZEaC9wWS9WNWFDUVVRT0R1K29DYkgwYVJTWWZkMHdHZjVvTzk5Y0ZQWURodXFwdTZPTEZLNUQ4cURweUZuMFpJajA2ZXNDeGNkcn...

425 B
651 B

18ms
14ms

Fetch
application/json

2a02:2638:3::c

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=uDCw_HxNREVWVTdUaVlNdUpwVDRsdUZuRW4vUStsaXFoZHcxV1EzZDBDOHhnck5wY0ZEaC9wWS9WNWFDUVVRT0R1K29DYkgwYVJTWWZkMHdHZjVvTzk5Y0ZQWURodXFwdTZPTEZLNUQ4cURweUZuMFpJajA2ZXNDeGNkcnNzckhOU3ZWU0VKS0QyM3BWajBLRnQzMlJHNXIxc0dMYWNNZGJHUmtWb2FRckowbzdjY2xVd3A0Sk1lVzNnZ0pWbEJjL2dtQnVNUzNpZ2FWZ0NtVlo3NUtJZFoveVlWZzI0Y0p2MXU2K21rS1ppb2ZRVkFCVS96N1FqeUdvS1B6RXo5a1J4M28vUlZsSmtiM0pnLzU3bWpyUE5vMUZVNnZpN0FnMGVaYWZwWXZ0SFU3SzJNOGV6NU80V2Q2VzRQZTdFV2VJY0I1eXw&cppv=2

Requested by

Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic

Protocol

Server

2a02:2638:3::c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

632cd94bb69c05664ed1c24751601fcd13d9547ac4898629f727bc3dd612678d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Feb 2024 08:00:05 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 866906
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 25 Feb 2024 08:00:05 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=uDCw_HxNREVWVTdUaVlNdUpwVDRsdUZuRW4vUStsaXFoZHcxV1EzZDBDOHhnck5wY0ZEaC9wWS9WNWFDUVVRT0R1K29DYkgwYVJTWWZkMHdHZjVvTzk5Y0ZQWURodXFwdTZPTEZLNUQ4cURweUZuMFpJajA2ZXNDeGNkcnNzckhOU3ZWU0VKS0QyM3BWajBLRnQzMlJHNXIxc0dMYWNNZGJHUmtWb2FRckowbzdjY2xVd3A0Sk1lVzNnZ0pWbEJjL2dtQnVNUzNpZ2FWZ0NtVlo3NUtJZFoveVlWZzI0Y0p2MXU2K21rS1ppb2ZRVkFCVS96N1FqeUdvS1B6RXo5a1J4M28vUlZsSmtiM0pnLzU3bWpyUE5vMUZVNnZpN0FnMGVaYWZwWXZ0SFU3SzJNOGV6NU80V2Q2VzRQZTdFV2VJY0I1eXw&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 291786
content-length: 0
expires: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D923 101 KB
38 KB 391ms
389ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4007715589170015&output=html&h=90&slotname=2162713512&adk=1572267553&adf=3776779711&pi=t.ma~as.2162713512&w=728&lmt=1708848005&format=728x90&url=https%3A%2F%2Fwww.yesnic.com%2F%3F_task%3Dfp%26_action%3Dbasic&wgl=1&dt=1708848005362&bpp=2&bdt=1579&idt=211&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&correlator=3032373364481&frm=22&ife=1&pv=2&ga_vid=1934301077.1708848006&ga_sid=1708848006&ga_hid=1132055074&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2991944913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31081153%2C31081318%2C95322746%2C95325069%2C31081331%2C95322195%2C95320868%2C95324155%2C95324160%2C95325792&oid=2&pvsid=1712839639805100&tmod=1843187517&uas=0&nvt=1&top=http%3A%2F%2Fcareconnect.kr%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ok6c4vber1hn&fsb=1&dtd=221

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4007715589170015&plah=www.yesnic.com&aplac=true&bust=31081331

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

529e4d749ca8775f1525261762b15ed8d084eb36cf20eba32ce8afbb8fc991a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yesnic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38798
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 08:00:06 GMT
expires: Sun, 25 Feb 2024 08:00:06 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 5324536507048099397
tpc.googlesyndication.com/simgad/ Frame D923 5 KB
6 KB 102ms
13ms Image
image/png 2a00:1450:4001:829::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5324536507048099397?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qklMslnByfzZ18OJXEUqlMwaKUF-Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4007715589170015&output=html&h=90&slotname=2162713512&adk=1572267553&adf=3776779711&pi=t.ma~as.2162713512&w=728&lmt=1708848005&format=728x90&url=https%3A%2F%2Fwww.yesnic.com%2F%3F_task%3Dfp%26_action%3Dbasic&wgl=1&dt=1708848005362&bpp=2&bdt=1579&idt=211&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&correlator=3032373364481&frm=22&ife=1&pv=2&ga_vid=1934301077.1708848006&ga_sid=1708848006&ga_hid=1132055074&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2991944913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31081153%2C31081318%2C95322746%2C95325069%2C31081331%2C95322195%2C95320868%2C95324155%2C95324160%2C95325792&oid=2&pvsid=1712839639805100&tmod=1843187517&uas=0&nvt=1&top=http%3A%2F%2Fcareconnect.kr%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ok6c4vber1hn&fsb=1&dtd=221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ca23172a3431c3f72882e1ae7534a4b481d0d85a5b6bce884bd9b921e6a697a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:51:16 GMT
x-content-type-options: nosniff
age: 346130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5457
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 04:39:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Feb 2025 07:51:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame D923 23 KB
9 KB 96ms
7ms Script
text/javascript 2a00:1450:4001:829::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 19:46:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 19:46:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame D923 3 KB
1 KB 92ms
9ms Script
text/javascript 2a00:1450:4001:829::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 19:46:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44003
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 19:46:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame D923 20 KB
8 KB 95ms
6ms Script
text/javascript 2a00:1450:4001:829::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 23:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32331
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:01:15 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D923 204 KB
61 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 07:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1717
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 08:31:29 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame D923 36 KB
14 KB 94ms
12ms Script
text/javascript 2a00:1450:4001:829::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

11af2195e813c746e06f5dfccc66a824263d97395721fd109fc820cafcc7e1fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 23:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31607
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14601
x-xss-protection: 0
server: cafe
etag: 13220165445093104717
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Mar 2024 23:13:19 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E993 143 B
166 B 7ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4007715589170015&output=html&h=90&slotname=2162713512&adk=1572267553&adf=3776779711&pi=t.ma~as.2162713512&w=728&lmt=1708848005&format=728x90&url=https%3A%2F%2Fwww.yesnic.com%2F%3F_task%3Dfp%26_action%3Dbasic&wgl=1&dt=1708848005362&bpp=2&bdt=1579&idt=211&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&correlator=3032373364481&frm=22&ife=1&pv=2&ga_vid=1934301077.1708848006&ga_sid=1708848006&ga_hid=1132055074&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2991944913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31081153%2C31081318%2C95322746%2C95325069%2C31081331%2C95322195%2C95320868%2C95324155%2C95324160%2C95325792&oid=2&pvsid=1712839639805100&tmod=1843187517&uas=0&nvt=1&top=http%3A%2F%2Fcareconnect.kr%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ok6c4vber1hn&fsb=1&dtd=221
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1752
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 07:30:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E993
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

21ms
21ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 08:00:06 GMT
expires: Sun, 25 Feb 2024 08:00:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 08:00:06 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D923 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11bf95007086fce731857fd1df798ad82ad8a9497975f33b53846b45d90b33c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame D923
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CUvVPhfPaZYDZKYjG1fAPquWL2AvDoO6Ddoqc3f3TEuiqtpWLAxABINar1xtgleKQgqAHoAHmoPjQAsgBAqgDAcgDyQSqBM4BT9DhIfYpVWuf31y5u5wtnu3YJ9Bn3TToKbwgfJkgmQ6N_BW...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229114958873474853560%22,%22debug_reporting%22:true,%22destination%22:%22https://geteasypdf.com%22,%22event_report_window%22...

0
0

121ms
40ms

Fetch
text/css

142.250.186.162

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229114958873474853560%22,%22debug_reporting%22:true,%22destination%22:%22https://geteasypdf.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22706613350%22],%2222%22:[%22true%22],%224%22:[%2202-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229836113735590129153%22}&andc=true

Requested by

Protocol

Server

142.250.186.162 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 08:00:06 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"9114958873474853560","debug_reporting":true,"destination":"https://geteasypdf.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["706613350"],"22":["true"],"4":["02-25"],"6":["true"]},"priority":"500","source_event_id":"9836113735590129153"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 25 Feb 2024 08:00:06 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 25 Feb 2024 08:00:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9114958873474853560","debug_reporting":true,"destination":"https://geteasypdf.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["706613350"],"22":["true"],"4":["02-25"],"6":["true"]},"priority":"500","source_event_id":"9836113735590129153"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 65ms
38ms Preflight
text/html 142.250.186.162

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 25 Feb 2024 08:00:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1639 16 KB
12 KB 68ms
53ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240221&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0012a3b51ff4e66844155713b96880ad05134c28aeabdd20a866ec3d68c72c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 08:00:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12035
x-xss-protection: 0

GET
H3 200 44PM6F2LRizIL4ladRBx-1I5j3QE7-ThjqUhbEZlLBc.js Show response
pagead2.googlesyndication.com/bg/ Frame 70ED 51 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/44PM6F2LRizIL4ladRBx-1I5j3QE7-ThjqUhbEZlLBc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e383cce85d8b462cc82f895a751071fb52398f7404efe4e18ea5216c46652c17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 14:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 409773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19803
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 14:10:33 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1639 17 KB
7 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:829::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 08:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Feb 2024 08:00:06 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9991 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:829::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yesnic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 43999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Feb 2024 19:46:47 GMT
expires: Sun, 23 Feb 2025 19:46:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CDBA 829 B
999 B 17ms
16ms Document
text/html 2a00:1450:4001:813::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

67f28dae755dfce1d756d319755bc4e54a51b4eb6abc624df046a39658593b8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9_RIQ5UxB3qD0bgUrQISmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.yesnic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-9_RIQ5UxB3qD0bgUrQISmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 08:00:06 GMT
expires: Sun, 25 Feb 2024 08:00:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9991 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 21:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15302
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Feb 2025 21:31:31 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CDBA 0
0 38ms
37ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240221&jk=1712839639805100&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9991 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:829::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JsyVeA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 08:00:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.yesnic.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: atuibhqrqkj91ia9oo9cati1t1
.criteo.com/	1970-01-21 04:02:24	Name: uid Value: f1971bcd-4236-4d1a-9ec8-1396caf9e09e
.criteo.com/	1970-01-20 18:40:51	Name: zdi Value: %2A1XB%252beRNLuguvZXWyQK488yQ%253d%253d

31 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: http://careconnect.kr/(Line 3) Message: The key "target-densitydpi" is not supported.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://careconnect.kr/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

careconnect.kr
cas.criteo.com
cdn.jsdelivr.net
googleads.g.doubleclick.net
gum.criteo.com
mug.criteo.com
pagead2.googlesyndication.com
ssl.google-analytics.com
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.yesnic.com
yesnic.com
118.67.131.217
142.250.186.162
220.230.126.70
2606:4700::6810:5514
27.96.134.25
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2008
2a02:2638:3::3
2a02:2638:3::a
2a02:2638:3::c
0012a3b51ff4e66844155713b96880ad05134c28aeabdd20a866ec3d68c72c0c
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
11af2195e813c746e06f5dfccc66a824263d97395721fd109fc820cafcc7e1fc
11bf95007086fce731857fd1df798ad82ad8a9497975f33b53846b45d90b33c7
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff
1edeb8f7974a9cc4d5a16ea479ce777e92e51f5dcd9ad8cb477be8b6fa1cbfdf
24fe66dfcc1e4089a66b758e679dd49b90b1c185851e35b30e73fd0ee6b542e2
2e29d0afff05c98cb69b48a77d024a51ebb85c48a89cb99c4253ef1efce5709d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35dbd7fb0ee986ebaefae727cab6c12b35782ea1663e79f3db7f8f145ca5e82d
361a1d7c503a633f9355904b3aab26eeda17c9d659eccc7e061cdf4ca1ab8066
3f54c548197c187e9b199b96e441a4a5abc0cd00417780b9bd415113c4cbafa4
529e4d749ca8775f1525261762b15ed8d084eb36cf20eba32ce8afbb8fc991a4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
632cd94bb69c05664ed1c24751601fcd13d9547ac4898629f727bc3dd612678d
66a3fe092264c1ba162aad79ff1f4b645bde1d74a6d231f8d7689e021857282f
67f28dae755dfce1d756d319755bc4e54a51b4eb6abc624df046a39658593b8a
68969356d48f69a33307e2f11a3350de565885b414b12cc4e24225f722b285cf
747b8386133b10bffede3cedeb994fc681ad9dc424879a248d7cadf6749b2f97
82042637dce2646f9b47a8ba7fef7dcb67da8fb67ee58319994ba1e322954b64
98a1e2b916326a471dff04d4141dbdbcac0ffd60ed35b7e151c02086f8728f51
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a4e82cf2d5503a0cfda85745596dec97fe721685a98a4bed44dc8388e0cdc1a7
aa52fb580ea0b0900e2036c56461d882454886090e549597deb8e0bd6cd79cb0
b23bb9ed14289db8165b4f80b149835bcdc47b56fe59dd2d2c5ecb968a3a299f
b84cefa73073de242a7d90568b522924b3fc2694ac7dd44fc9d735f25d44d483
b8f32ce5d6e08fad5854ae7bab81127ce5a0b3031f6a62b62700f77add7dfa86
ca23172a3431c3f72882e1ae7534a4b481d0d85a5b6bce884bd9b921e6a697a7
d868f1fc3212edd3a272e86552fbcef8f1a9ea4615f43ea8810f3d34223e84a5
e1dd6d68e00d98fe5bfbc6b196ff6b9538eb44dae9a7b386e9c4aea3e156d80e
e383cce85d8b462cc82f895a751071fb52398f7404efe4e18ea5216c46652c17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
f57ef0ba2787377eb267380c7fbee757dd07f645a1a31cac1f8931686ef45801
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

careconnect.kr Open in urlscan Pro 118.67.131.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

43 Requests

93 %HTTPS

69 %IPv6

10 Domains

14 Subdomains

14 IPs

4 Countries

2141 kBTransfer

2957 kBSize

3 Cookies

0 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

careconnect.kr Open in urlscan Pro
118.67.131.217 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

93 %
HTTPS

69 %
IPv6

10
Domains

14
Subdomains

14
IPs

4
Countries

2141 kB
Transfer

2957 kB
Size

3
Cookies

43 HTTP transactions
1 data transactions