Submitted URL: http://xn--jx2a33n.com/
Effective URL: http://xn--jx2a33n.com/
Submission: On October 14 via manual from JP — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 30 HTTP transactions. The main IP is 104.21.28.156, located in and belongs to CLOUDFLARENET, US. The main domain is xn--jx2a33n.com.
This is the only time xn--jx2a33n.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests IP Address AS Autonomous System
14 104.21.28.156 13335 (CLOUDFLAR...)
6 142.250.186.34 15169 (GOOGLE)
1 142.250.185.136 15169 (GOOGLE)
2 142.250.181.226 15169 (GOOGLE)
1 142.250.185.142 15169 (GOOGLE)
2 142.250.184.226 15169 (GOOGLE)
1 142.250.186.66 15169 (GOOGLE)
2 142.250.186.161 15169 (GOOGLE)
1 142.250.74.196 15169 (GOOGLE)
Total: 30 requests, 9 IPs
Requests Domain Requested by
14 xn--jx2a33n.com xn--jx2a33n.com
6 pagead2.googlesyndication.com xn--jx2a33n.com, pagead2.googlesyndication.com, tpc.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com, tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com xn--jx2a33n.com
Total: 30 requests, 10 subdomains

This site contains links to these domains.

Domain
forms.gle
Subject                     Issuer                    Validity                   Valid
*.g.doubleclick.net         GTS CA 1C3                2021-09-13 - 2021-11-20    2 months
sni.cloudflaressl.com       Cloudflare Inc ECC CA-3   2021-06-12 - 2022-06-11    a year
*.google-analytics.com      GTS CA 1C3                2021-09-13 - 2021-11-20    2 months
*.googleadservices.com      GTS CA 1C3                2021-09-13 - 2021-11-20    2 months
*.google.de                 GTS CA 1C3                2021-09-13 - 2021-11-20    2 months
*.google.com                GTS CA 1C3                2021-09-13 - 2021-11-20    2 months
tpc.googlesyndication.com   GTS CA 1C3                2021-09-13 - 2021-11-20    2 months
www.google.com              GTS CA 1C3                2021-09-13 - 2021-11-20    2 months

This page contains 5 frames:

Primary Page: http://xn--jx2a33n.com/
Frame ID: F5D4DC88C3E0FA566337F6003826CDEE
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html
Frame ID: 984B53C69C6E2E9D4C0EB26FA68A3386
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3878294977771196&output=html&adk=1812271804&adf=3025194257&lmt=1633466691&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fxn--jx2a33n.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1634194085029&bpp=2&bdt=166&idt=147&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3683858527389&frm=20&pv=2&ga_vid=355300771.1634194085&ga_sid=1634194085&ga_hid=1826813343&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048&oid=2&pvsid=939035990484549&pem=159&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=159
Frame ID: 93AC58BA0A4370581AC3B12B5FE6E9A5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: DDE4021C4B1950A9B7CF0120B1A319AD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8FAEACECFB62F5BDCF1B034882F66299
Requests: 2 HTTP requests in this frame

Page Title

里親.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

30 Requests
93 % HTTPS
0 % IPv6
8 Domains
10 Subdomains
9 IPs
2 Countries
493 kB Transfer
884 kB Size
4 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
xn--jx2a33n.com/
5 KB
3 KB
Document
General
Full URL
http://xn--jx2a33n.com/
Protocol
HTTP/1.1
Server
104.21.28.156 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc2d2083dca6770967d6e44b4c94a18f4174a90f8caa5e60384801ccf1085cfc

Request headers

Host
xn--jx2a33n.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate

Response headers

Date
Thu, 14 Oct 2021 06:48:04 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
vary
Accept-Encoding
last-modified
Tue, 05 Oct 2021 20:44:51 GMT
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xlw3DfRTClIuCrJvTaHwJy46XuNpEj1P86tBqymaebNWqy5nUAUO7zjYXI7%2F8GJGfX%2B2tapwciH6NOVz%2FsR5zbdVmfUxBRAv3n3K%2Fo1E1IoZbemnSLoTUMAEORs9o6yaBPg%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
69dedc2308dceddb-CDG
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
145 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3878294977771196
Requested by
Host: xn--jx2a33n.com
URL: http://xn--jx2a33n.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
52e16492b7c7eb546b9ceecb64eeabdaa77996afb60bab14459815f85b94d3a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://xn--jx2a33n.com/
Origin
http://xn--jx2a33n.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 06:48:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51419
x-xss-protection
0
server
cafe
etag
10417821273481040520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 14 Oct 2021 06:48:04 GMT
logo.svg
xn--jx2a33n.com/image/
12 KB
6 KB
Image
General
Full URL
http://xn--jx2a33n.com/image/logo.svg
Requested by
Host: xn--jx2a33n.com
URL: http://xn--jx2a33n.com/
Protocol
HTTP/1.1
Server
104.21.28.156 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d009616444e95cdaccd55b420147429202e9f95dfabc1a1efafcadfb211fcaf

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xn--jx2a33n.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://xn--jx2a33n.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 14 Oct 2021 06:48:05 GMT
content-encoding
gzip
CF-Cache-Status
MISS
last-modified
Sun, 02 May 2021 16:12:30 GMT
Server
cloudflare
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"2fe0-5c15b1ca45650"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqM4irGydaFA3X14D2YZQTUCN3d8KXOlhTqAgHz%2FJx%2FXGVuY4hTA2Jf3JLqacgRZ29aLAp6QusZJrBcoqWYP5iMUY%2F2EB0LN7d5eyXjJ27h6fZ%2Fybybvb4fx9ZQ%2FROs1at8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
69dedc268b89eddb-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
nnn-top.js
xn--jx2a33n.com/
1 KB
1 KB
Script
General
Full URL
https://xn--jx2a33n.com/nnn-top.js?556
Requested by
Host: xn--jx2a33n.com
URL: http://xn--jx2a33n.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.28.156 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
545d31e3af3f7645408796963a969a3d4f9665304f531e81ad810ed1b5bc69d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xn--jx2a33n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 06:48:05 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 15 May 2021 02:04:48 GMT
server
cloudflare
etag
W/"53e-5c254c8fd46a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qr3GHgyfRzFaLBXSEuJlZ61YHdv3jK2RxebWVA2HTZ8bKFBBZsuCCRlFvLCFRa3mMCuOk%2FWNie9l508%2FbcYIa7LbekMO%2F4ntWfoKl1UtG%2FiSTcffHzHO%2FmonBgYQiZtl%2BKk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69dedc26cc02bd59-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
js
www.googletagmanager.com/gtag/
124 KB
49 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1TET2TEE7P
Requested by
Host: xn--jx2a33n.com
URL: http://xn--jx2a33n.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
3cd4172496ade6f88d734452c1fa55758c4fbce18c56b4ccbad6ebdc53bb0405
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xn--jx2a33n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 06:48:04 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49470
x-xss-protection
0
expires
Thu, 14 Oct 2021 06:48:04 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/
272 KB
98 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3878294977771196&plah=xn--jx2a33n.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3878294977771196
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
2a4617686d53812d3f06b891e5edc0cf5b7f289bfd57be08e123a3845efcdcd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xn--jx2a33n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 06:48:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99876
x-xss-protection
0
server
cafe
etag
5725214712622718827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 14 Oct 2021 06:48:05 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/ Frame 984B
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3878294977771196
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211011/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://xn--jx2a33n.com/
accept-encoding
gzip, deflate, br

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 13 Oct 2021 21:25:32 GMT
expires
Wed, 27 Oct 2021 21:25:32 GMT
content-type
text/html; charset=UTF-8
etag
414810510046348021
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4645
x-xss-protection
0
age
33753
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/g/
0
368 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-1TET2TEE7P&gtm=2oeab0&_p=1826813343&sr=1600x1200&ul=en-us&cid=355300771.1634194085&_s=1&dl=http%3A%2F%2Fxn--jx2a33n.com%2F&dt=%E9%87%8C%E8%A6%AA.com&sid=1634194085&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1TET2TEE7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://xn--jx2a33n.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 06:48:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://xn--jx2a33n.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
205 B
661 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=xn--jx2a33n.com&callback=_gfp_s_&client=ca-pub-3878294977771196
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3878294977771196&plah=xn--jx2a33n.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
b69488195d7b0205b29593f7b5edee78ec57e25fdffd3e6f9eedf799d1c444e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xn--jx2a33n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 06:48:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
853 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=xn--jx2a33n.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3878294977771196&plah=xn--jx2a33n.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xn--jx2a33n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 06:48:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=xn--jx2a33n.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3878294977771196&plah=xn--jx2a33n.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xn--jx2a33n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 06:48:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 93AC
0
19 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3878294977771196&output=html&adk=1812271804&adf=3025194257&lmt=1633466691&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fxn--jx2a33n.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1634194085029&bpp=2&bdt=166&idt=147&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3683858527389&frm=20&pv=2&ga_vid=355300771.1634194085&ga_sid=1634194085&ga_hid=1826813343&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048&oid=2&pvsid=939035990484549&pem=159&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=159
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3878294977771196&plah=xn--jx2a33n.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3878294977771196&output=html&adk=1812271804&adf=3025194257&lmt=1633466691&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fxn--jx2a33n.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1634194085029&bpp=2&bdt=166&idt=147&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3683858527389&frm=20&pv=2&ga_vid=355300771.1634194085&ga_sid=1634194085&ga_hid=1826813343&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048&oid=2&pvsid=939035990484549&pem=159&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://xn--jx2a33n.com/
accept-encoding
gzip, deflate, br

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 14 Oct 2021 06:48:05 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 14-Oct-2021 07:03:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 14 Oct 2021 06:48:05 GMT
cache-control
private
nnn_top.js
xn--jx2a33n.com/nnn/
290 B
752 B
Script
General
Full URL
https://xn--jx2a33n.com/nnn/nnn_top.js?33
Requested by
Host: xn--jx2a33n.com
URL: https://xn--jx2a33n.com/nnn-top.js?556
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.28.156 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d3c204d4da6c9e8b7951a43dafe972711c4b7044e7bedfbe4ce1eff816c628d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xn--jx2a33n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 06:48:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Sep 2021 09:01:04 GMT
server
cloudflare
etag
W/"122-5cb6401672041"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXoztGg71otr%2FdWTUGZxh7DqhZ2WwRXSa%2Fuu5Muq0UQS%2B%2FlM3He1BTD8Ya1v33OHpX0FSc%2Bhf%2BZMAcismRKKEe8tQH1Jn3R%2BEfOK6Ynu9UL7iBZUqLORFatiya3E%2Fl5Ndks%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69dedc2a6e04ee3b-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1.jpg
xn--jx2a33n.com/dat/210907180045/
8 KB
9 KB
Image
General
Full URL
https://xn--jx2a33n.com/dat/210907180045/1.jpg
Requested by
Host: xn--jx2a33n.com
URL: http://xn--jx2a33n.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.28.156 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0970f4d98332416b02fdffd7ad53cb8ae6537fe862cae5939e693ade5c766bc5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xn--jx2a33n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 06:48:06 GMT
cf-cache-status
MISS
last-modified
Tue, 07 Sep 2021 09:00:45 GMT
server
cloudflare
etag
"21d2-5cb64004d3446"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWRLxLxnL3TeD5QkhwzbVcwHmwNELnUECanJ2UF6owg9Bks8gJlsMK4VHG8HUNCMHaCEMfKq6a%2Be%2BBgqqEkNOEw%2F0GsmcqZIpHsaXqjCv8KfZTN24R%2B2pcyGsx8JtNetxu0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69dedc2dd8bdee3b-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8658
0.jpg
xn--jx2a33n.com/dat/210907175847/
39 KB
40 KB
Image
General
Full URL
https://xn--jx2a33n.com/dat/210907175847/0.jpg
Requested by
Host: xn--jx2a33n.com
URL: http://xn--jx2a33n.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.28.156 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4422d68d114ed73a847697a47d8a01b470c9899b652643e67b4aaf4722a74a7e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xn--jx2a33n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 06:48:06 GMT
cf-cache-status
MISS
last-modified
Tue, 07 Sep 2021 08:58:47 GMT
server
cloudflare
etag
"9c56-5cb63f9395f79"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cn0QWZSxoh%2B1wdX3RUUHxhAwbUV%2BKVoh0KnNaalAzoHgTCDf4yz13iWNMwX372qL4m8Klg6oZUxtWhhVy3RwNGrWraYGZwa5VB%2Fg0wBSZEXUZt4qwqoUl%2FPhlmOkm%2BDAMJA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69dedc2dd8c1ee3b-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
40022
2.jpg
xn--jx2a33n.com/dat/210907175210/
14 KB
15 KB
Image
General
Full URL
https://xn--jx2a33n.com/dat/210907175210/2.jpg
Requested by
Host: xn--jx2a33n.com
URL: http://xn--jx2a33n.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.28.156 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af019ae63de2762bb5eb4e3e1e0fd51ddaaffcbaaa1373a2961129103b174971

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xn--jx2a33n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 06:48:06 GMT
cf-cache-status
MISS
last-modified
Tue, 07 Sep 2021 08:52:10 GMT
server
cloudflare
etag
"384f-5cb63e1955cb6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BphQ69oU4j1Hqle0TZzr9bLi4s0KgFQIQl2AEjLQlz%2Fn5x%2B%2Fl97xHAwQwNYlSipoqks%2FMZy2OMZ8NehGQLcCpuVWx5qBgjsxu9XpmCTuig4HhVAPWXjrFGQ1GMgg1F4KsD8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69dedc2dd8c4ee3b-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14415
2.jpg
xn--jx2a33n.com/dat/210907175019/
13 KB
14 KB
Image
General
Full URL
https://xn--jx2a33n.com/dat/210907175019/2.jpg
Requested by
Host: xn--jx2a33n.com
URL: http://xn--jx2a33n.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.28.156 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab82d59577882ddae526a9e8b6ed80c7989fa0082aeb5b0e8c3e3354128fe0be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xn--jx2a33n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 06:48:06 GMT
cf-cache-status
MISS
last-modified
Tue, 07 Sep 2021 08:50:19 GMT
server
cloudflare
etag
"35be-5cb63db006c54"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LDsyqSP0M%2Bg3Hq38ZR1J0xAt20MwG0aQEZrEnZcQlOwiw3AvvRKfj1a%2F2bAfWShRiXqhQyzeF%2BHBZ8DMqjRZHiZNtzuR4QEo%2B9ff6TpJalAWU0g791RnX20P3A4Fdkb66sU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69dedc2dd8c5ee3b-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13758
0.jpg
xn--jx2a33n.com/dat/210528234417/
10 KB
10 KB
Image
General
Full URL
https://xn--jx2a33n.com/dat/210528234417/0.jpg
Requested by
Host: xn--jx2a33n.com
URL: http://xn--jx2a33n.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.28.156 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27d64a769214e2a936e2560130818c549fae3197217dada12640dc0cf4c7e90a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xn--jx2a33n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 06:48:06 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 14:44:17 GMT
server
cloudflare
etag
"2770-5c364e90604e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikbby1NXFbtL%2B5To3oRbZSYRnVZA8qs6JdSOU1sfBaDSozz6jgAmYNZiWN%2B1PsPYnCBKS3Ze92Qk3aSXHbRHWDtbhrTI0C3zA3GxguLLzBcwhgK96pyo4k%2BLaOQrj1kmtr0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69dedc2dd8c7ee3b-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10096
1.jpg
xn--jx2a33n.com/dat/210528234230/
31 KB
32 KB
Image
General
Full URL
https://xn--jx2a33n.com/dat/210528234230/1.jpg
Requested by
Host: xn--jx2a33n.com
URL: http://xn--jx2a33n.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.28.156 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da141c8e6f2fdcb4a264016a2575132b459d2c80a436962277db815154ebb819

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xn--jx2a33n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 06:48:06 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 14:42:30 GMT
server
cloudflare
etag
"7c72-5c364e2a339a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXpiCdgdSrnoUoOl%2BUIixO3Vu0sf1IswKc7eRQ6UOl%2FkA9%2B6%2B20O%2BOGyefFd%2B0kB6t6k9i59%2FaAgWXdj0fIR%2F6P662nBBDkh8mEa2h6JvUjuR5CxU%2FpmUIMykDL%2F%2BPk1vYU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69dedc2dd8c8ee3b-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
31858
0.jpg
xn--jx2a33n.com/dat/210427025945/
54 KB
55 KB
Image
General
Full URL
https://xn--jx2a33n.com/dat/210427025945/0.jpg
Requested by
Host: xn--jx2a33n.com
URL: http://xn--jx2a33n.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.28.156 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23739008fa2f3b1c485db7ee4272894f9b0e95394cd7805c42b8936503d06cf4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xn--jx2a33n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 06:48:07 GMT
cf-cache-status
MISS
last-modified
Mon, 26 Apr 2021 17:59:45 GMT
server
cloudflare
etag
"d889-5c0e3e9292df1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hq59hHPUQ2WgvdMrh%2F0lvJu3SgDXpI%2BqJNLtMajLy%2Bv5NXnmjmn4Zz2sE%2F0pgyQqQepN76hHcqS3EuivnaIQt4HbCGQn4IjTl8yXgPwOQsY%2FljaAH309cAWq%2Be%2BAZ3T6eFU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69dedc2dd8c9ee3b-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
55433
0.jpg
xn--jx2a33n.com/dat/210317204153/
42 KB
42 KB
Image
General
Full URL
https://xn--jx2a33n.com/dat/210317204153/0.jpg
Requested by
Host: xn--jx2a33n.com
URL: http://xn--jx2a33n.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.28.156 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adbcb9cb68ef6fb87367ae5fbbefc0d363982e5a3441980b9f926a04b237e572

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xn--jx2a33n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 06:48:06 GMT
cf-cache-status
MISS
last-modified
Wed, 17 Mar 2021 11:41:53 GMT
server
cloudflare
etag
"a7a5-5bdb9f82c543c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAxURwPHqVX8CWdTAZr8wv3nb0liAAnJD1N%2BFZu42FJxNhci8nscCGg5BkbDUZY6rjWgx8%2BU3Ip161au2c2rtTYcmOad1IxbgHqQT07jct18hRvpT1OkkVnApYC%2BAgwkagE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69dedc2dd8caee3b-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
42917
0.jpg
xn--jx2a33n.com/dat/200508101120/
13 KB
13 KB
Image
General
Full URL
https://xn--jx2a33n.com/dat/200508101120/0.jpg
Requested by
Host: xn--jx2a33n.com
URL: http://xn--jx2a33n.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.28.156 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc06b2e6b3f722ca4dad2fb2839e6161976630c62b0eb7b3691189414726627b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xn--jx2a33n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 06:48:06 GMT
cf-cache-status
MISS
last-modified
Fri, 08 May 2020 01:11:20 GMT
server
cloudflare
etag
"3213-5a518acc95907"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yPrMre%2B7DYyF7SEonBWOaDbpTitJ%2BTlyv0Xbj%2BbnN6Tux6XL7tQRSdaX8MuXLUQP8xH1UfmiASkcJsBgVW%2BmfA1bhWpk44CoKCPMQKSoOaSWEJ%2BIwUvcoOs37OMszdgS%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69dedc2dd8ccee3b-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12819
0.jpg
xn--jx2a33n.com/dat/200125112057/
13 KB
13 KB
Image
General
Full URL
https://xn--jx2a33n.com/dat/200125112057/0.jpg
Requested by
Host: xn--jx2a33n.com
URL: http://xn--jx2a33n.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.28.156 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15dacc1a34b8b43916265692ffba7ef1bcacecd26097b7efba83154ea8366fa2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xn--jx2a33n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 06:48:06 GMT
cf-cache-status
MISS
last-modified
Sat, 25 Jan 2020 02:20:57 GMT
server
cloudflare
etag
"335b-59ced8648d746"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvTXsK240E0UXs3wuOVInZY%2Fa8Z7YdNqlP9spRXlaZMc0BgsxKp4rtwAmZUafnyV9E6mysIA%2FV4cUWgeC7r3AnV7JKBamZMnTyMkyYQOLA44FUc64E0fhKzyhGp87BrQKDA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69dedc2dd8cdee3b-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13147
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211011&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3878294977771196&plah=xn--jx2a33n.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
c18cef74544657b31853d9dc6b0d7fdc7a00001ba522c45937b9ce0d89859447
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xn--jx2a33n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 06:48:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8420
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3878294977771196&plah=xn--jx2a33n.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xn--jx2a33n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 06:48:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 14 Oct 2021 06:48:07 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame DDE4
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://xn--jx2a33n.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://xn--jx2a33n.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Thu, 14 Oct 2021 06:21:22 GMT
expires
Fri, 14 Oct 2022 06:21:22 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1605
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 8FAE
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
GSE /
Resource Hash
9cff329157d98bed772217e60f41674ea4e13341264126eaecc2460fab6ad2eb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0MZo9UtQBdNj4MLGgE9OBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://xn--jx2a33n.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://xn--jx2a33n.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 14 Oct 2021 06:48:07 GMT
date
Thu, 14 Oct 2021 06:48:07 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-0MZo9UtQBdNj4MLGgE9OBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
pagead2.googlesyndication.com/bg/ Frame DDE4
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 11:41:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
155213
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13306
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 12 Oct 2022 11:41:14 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8FAE
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211011&jk=939035990484549&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211011&jk=939035990484549&bg=!y8ilyIzNAAbGFvHlxhY7ACkAdvg8WhIhFLvx3NV-tMqZZJloNwK1pplpieO7xZzKyO43inPKhBSZAQIAAABTUgAAAAtoAQcKAH2W2BzNPamKluSwPM4F4ZxvO-CXxVGFbwE4zg3I_TqTr1cANEPGlsmHAiARDjGaB2ddnUAZPuvvO23lUM_043md2ardBrujeWWYApdHnO8OpWUFapU7gD64JDU7uyxa5dvpAVUpOvuBnPLYE3dlCieEle7j5uCd_JmTywOn4JkCwfk307fryLg-lJakV8k0xHkMyzwOcMbKLuSIlrCfHrExS3HZz9evug9LybEWYg9srq_00Tde4Grc-vl8RqXz6J7p71g4wK653cJVpiOXgfZZkVeFQEkw56pTt36pQ6hjUF3niLZ1yJndzh2W_OUTurtH5OkZsyUNFO2pNLpL8auAxuJoAIZ4Vq2gP7DIDq6OqFI2nOCNhERTD1tIxA3T-EJVMxKZXqlpdqZ1HeIe5uFSs_rG3ewQ2IxAWtZu4Iiq1jil2kypxjC-lXzvTX06tgjzDb_YUj-93qX-yLBhT2qklaXUIRSQpSJX4IKURqGf1IgnfrDwrHL_uVlVHtl65e76Wj7-Q2cmHnBZj_DAXjtAsU0ubFgsIGWLDxIYWbwRJidcSDf8sEm6-5rrkMwFZTBS7iDCWXiNyzXIVhlGug5jrC_4CwYDZq7lWmYTfLZ1nffxH0yhFEoEA2yKOQWnS6pVbfEquq43JSGTdYy_pN48YLiblwTWhoph12SkIVnfJWcGi2kdlO8bE-OnufaQ5OaXhxYULkypnHmWgNH06jT4uYFiJF8GjumAAxdZQ5gyriAf-YOx7ibh1O1KgAk1IT7zNgixY2IEkF9OTq8Q2mIdYOu9UEQs6MkEeBKMeo-l1B1sAbNcoHxKrTNA3beJnfZAlTTGGNgoA4PAjNSeLFptpF58ykDX65z71t-4wPKZlFcYLirJzIKhTjxM9BhaM5gPGxMmgWsuPoOfi3PTXpOhIjVHoHL8rNmDo-1albwId1_RucPbIi-2ggohiDywaVN7TVdRQjgPZGuR4bvDDO9FeUd3FnKSkMUnPdQYjiZ-GLp4SoMwg_Cu4m8GjLweQZ9ZYfccqyKKtCAT2blMD5XOsf-xAVFj96xy5EvvnmL0WKESh-ZtwnGAYuCysLWdSE0SUx2P1agoDQr0Eo_Fnf4c4w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xn--jx2a33n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 06:48:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect boolean| originAgentCluster function| gtag object| dataLayer object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map object| google_tag_manager object| google_tag_data object| gaGlobal function| onYouTubeIframeAPIReady function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| AddScript function| addnekobanner object| A object| dispimg object| GoogleGcLKhOms object| google_image_requests

4 Cookies

Domain/Path Name / Value
.xn--jx2a33n.com/ Name: _ga_1TET2TEE7P
Value: GS1.1.1634194085.1.0.1634194085.0
.xn--jx2a33n.com/ Name: _ga
Value: GA1.1.355300771.1634194085
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.xn--jx2a33n.com/ Name: __gads
Value: ID=2ddec1749feeefe2-22ed47b2f1ca0079:T=1634194085:RT=1634194085:S=ALNI_MYN1aVeIqd07xqVJod1E9dbgKJWlw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
