urlscan.io logo urlscan.io
SecurityTrails logo

www.moneydj.com Open in urlscan Pro
210.66.210.14  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Submission: On April 28 via api from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 70 IPs in 9 countries across 51 domains to perform 594 HTTP transactions. The main IP is 210.66.210.14, located in Taichung, Taiwan and belongs to SEEDNET Digital United Inc., TW. The main domain is www.moneydj.com.
TLS certificate: Issued by TWCA Secure SSL Certification Authority on March 2nd 2020. Valid for: 2 years.
This is the only time www.moneydj.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
148 210.66.210.14 4780 (SEEDNET D...)
30 2a00:1450:400... 15169 (GOOGLE)
1 3 34.96.119.68 15169 (GOOGLE)
1 1 172.105.221.240 63949 (LINODE-AP...)
4 2a00:1450:400... 15169 (GOOGLE)
9 2a03:2880:f04... 32934 (FACEBOOK)
1 104.111.224.62 16625 (AKAMAI-AS)
35 142.250.186.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.224.106.63 16509 (AMAZON-02)
1 2600:1901:0:b... 15169 (GOOGLE)
1 2 13.224.106.52 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
64 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.224.106.29 16509 (AMAZON-02)
1 1 52.12.169.109 16509 (AMAZON-02)
1 13.224.148.191 16509 (AMAZON-02)
7 2a03:2880:f14... 32934 (FACEBOOK)
56 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 21 2a00:1450:400... 15169 (GOOGLE)
3 13.224.106.61 16509 (AMAZON-02)
5 192.229.233.139 15133 (EDGECAST)
1 119.81.192.141 36351 (SOFTLAYER)
3 8 192.96.200.41 30633 (LEASEWEB-...)
17 2606:4700:20:... 13335 (CLOUDFLAR...)
1 119.63.198.189 38627 (BAIDUJP B...)
19 24 162.210.196.208 30633 (LEASEWEB-...)
15 2600:9000:206... 16509 (AMAZON-02)
21 210.61.218.12 3462 (HINET Dat...)
2 8 35.201.76.93 15169 (GOOGLE)
3 2600:9000:205... 16509 (AMAZON-02)
9 54.178.71.123 16509 (AMAZON-02)
9 2a02:2638:1::3 44788 (ASN-CRITE...)
3 2a02:2638::1c 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
1 34.200.48.161 14618 (AMAZON-AES)
5 119.63.198.143 38627 (BAIDUJP B...)
5 119.63.198.188 38627 (BAIDUJP B...)
1 119.63.198.172 38627 (BAIDUJP B...)
1 2600:1901:0:7... 15169 (GOOGLE)
13 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2620:116:800d... 16509 (AMAZON-02)
3 34.98.67.61 15169 (GOOGLE)
2 2 35.227.252.103 15169 (GOOGLE)
8 13 142.250.185.194 15169 (GOOGLE)
2 2 185.64.189.115 62713 (AS-PUBMATIC)
1 1 69.173.144.138 26667 (RUBICONPR...)
2 2 2.18.234.21 16625 (AKAMAI-AS)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 178.250.2.131 44788 (ASN-CRITE...)
3 210.59.219.34 3462 (HINET Dat...)
1 2a00:1450:400... 15169 (GOOGLE)
8 8 2a00:1288:110... 34010 (YAHOO-IRD)
4 4 52.51.103.64 16509 (AMAZON-02)
6 6 18.195.54.133 16509 (AMAZON-02)
2 34.95.67.231 15169 (GOOGLE)
2 116.50.36.71 18046 (DONGFONG-...)
2 4 203.75.214.136 3462 (HINET Dat...)
2 103.132.192.30 138552 (RTBHOUSE-...)
8 3.115.39.7 16509 (AMAZON-02)
3 35.227.249.156 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.111.239.217 16625 (AKAMAI-AS)
3 46.236.13.147 24931 (DEDIPOWER)
2 13.224.106.22 16509 (AMAZON-02)
1 81.29.72.47 24931 (DEDIPOWER)
1 2a00:1450:400... 15169 (GOOGLE)
2 54.72.18.9 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
594 70
148    210.66.210.14 (Taichung, Taiwan)

ASN4780 (SEEDNET Digital United Inc., TW)
PTR: h14-210-66-210.seed.net.tw
www.moneydj.com
30    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.com
3    34.96.119.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.119.96.34.bc.googleusercontent.com
apn.c.appier.net
adx.c.appier.net
1    172.105.221.240 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1875-240.members.linode.com
gocm.c.appier.net
4    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
9    2a03:2880:f042:10:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
1    104.111.224.62 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-224-62.deploy.static.akamaitechnologies.com
cdn.innity.net
35    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.224.106.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-63.mad50.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
1    2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
cdn.mxpnl.com
2    13.224.106.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-52.mad50.r.cloudfront.net
sb.scorecardresearch.com
4    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:400d:804::2001 (Ireland)

ASN15169 (GOOGLE, US)
42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com
64    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
8    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    13.224.106.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-29.mad50.r.cloudfront.net
certify.alexametrics.com
1    52.12.169.109 (Boardman, United States)

ASN16509 (AMAZON-02, US)
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1    13.224.148.191 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-148-191.nrt51.r.cloudfront.net
a99382509d01641f1416d73d5c31b2dcf.profile.nrt51-c3.cloudfront.net
7    2a03:2880:f142:82:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
56    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.ch
3    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
21    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
adservice.google.ch
3    13.224.106.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-61.mad50.r.cloudfront.net
adx.doublemax.net
5    192.229.233.139 (Torrance, United States)

ASN15133 (EDGECAST, US)
api.popin.cc
1    119.81.192.141 (Singapore, Singapore)

ASN36351 (SOFTLAYER, US)
as.innity.com
8    192.96.200.41 (United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
17    2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
1    119.63.198.189 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
tw.popin.cc
24    162.210.196.208 (Hyattsville, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
agent.aralego.com
15    2600:9000:206f:ba00:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.holmesmind.com
21    210.61.218.12 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
banner-cfnetwork.cdn.hinet.net
8    35.201.76.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
c.holmesmind.com
3    2600:9000:2057:a600:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)
adcdn.holmesmind.com
9    54.178.71.123 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
ad.holmesmind.com
9    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fc386651256b78a5c9b2e79466c235fa.safeframe.googlesyndication.com
0a8774b85665cee7386fd9954e38dbde.safeframe.googlesyndication.com
1    34.200.48.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
in.treasuredata.com
5    119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
log.popin.cc
5    119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
r.popin.cc
1    119.63.198.172 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
inrecsys.popin.cc
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
13    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
1    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
13    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
1    2a05:d01c:1d8:8100:1c45:c4d6:f2b8:9306 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
2    2606:4700:3032::ac43:aa7a (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
ad4mat.net
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
3    210.59.219.34 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
prebid.scupio.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
4    52.51.103.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
6    18.195.54.133 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    34.95.67.231 (Kansas City, United States)

ASN15169 (GOOGLE, US)
fcm.holmesmind.com
2    116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)
cm.lndata.com
4    203.75.214.136 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.HINET-IP.hinet.net
t.ssp.hinet.net
2    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
8    3.115.39.7 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
ccm.holmesmind.com
3    35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
m.holmesmind.com
2    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
15e2e1f16b5f2f84618a37cb96f8aaf0.safeframe.googlesyndication.com
9fe089ac5a44ca1242abcdc8619b24b1.safeframe.googlesyndication.com
2    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
3    46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
2    13.224.106.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-22.mad50.r.cloudfront.net
analytics.webgains.io
analytics-wg.webgains.io
1    81.29.72.47 (Leeds, United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 81-29-72-47.servers.dedipower.net
diapi.webgains.com
1    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a34cc39bd0f9c9f3519b698b8b451ecd.safeframe.googlesyndication.com
2    54.72.18.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-18-9.eu-west-1.compute.amazonaws.com
api.webgains.io
2    2a00:1450:4001:813::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
w-it.m-t.io
Apex Domain
Subdomains		 Transfer
148 moneydj.com
www.moneydj.com
621 KB
125 googlesyndication.com
42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
fc386651256b78a5c9b2e79466c235fa.safeframe.googlesyndication.com
0a8774b85665cee7386fd9954e38dbde.safeframe.googlesyndication.com
15e2e1f16b5f2f84618a37cb96f8aaf0.safeframe.googlesyndication.com
9fe089ac5a44ca1242abcdc8619b24b1.safeframe.googlesyndication.com
a34cc39bd0f9c9f3519b698b8b451ecd.safeframe.googlesyndication.com
2 MB
61 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
851 KB
48 holmesmind.com
cdn.holmesmind.com
fcm.holmesmind.com Failed
c.holmesmind.com
adcdn.holmesmind.com
ad.holmesmind.com
ccm.holmesmind.com
m.holmesmind.com
114 KB
32 aralego.com
ads.aralego.com
sync.aralego.com
agent.aralego.com
14 KB
26 google.com
apis.google.com
adservice.google.com
www.google.com
80 KB
25 hinet.net
banner-cfnetwork.cdn.hinet.net
t.ssp.hinet.net
116 KB
17 aralego.net
cdn.aralego.net
202 KB
17 popin.cc
api.popin.cc
tw.popin.cc
log.popin.cc
r.popin.cc
inrecsys.popin.cc
112 KB
16 googletagservices.com
www.googletagservices.com
496 KB
13 ad4m.at
ad4m.at
as.ad4m.at
assets.ad4m.at
333 KB
10 google.de
adservice.google.de
www.google.de
1 KB
9 criteo.com
gum.criteo.com
bidder.criteo.com
1 KB
9 criteo.net
static.criteo.net
113 KB
8 yahoo.com
pr-bh.ybp.yahoo.com
793 B
7 facebook.com
www.facebook.com
31 KB
6 bidswitch.net
x.bidswitch.net
2 KB
5 google.ch
adservice.google.ch
1 KB
5 facebook.net
connect.facebook.net
184 KB
4 webgains.io
analytics.webgains.io
api.webgains.io
analytics-wg.webgains.io
105 KB
4 webgains.com
track.webgains.com
diapi.webgains.com
98 KB
4 adsrvr.org
match.adsrvr.org
2 KB
4 fbcdn.net
static.xx.fbcdn.net
251 KB
4 googleadservices.com
partner.googleadservices.com
303 B
4 appier.net
apn.c.appier.net
gocm.c.appier.net
adx.c.appier.net
ad2.apx.appier.net Failed
1 KB
3 scupio.com
prebid.scupio.com
4 KB
3 mookie1.com
odr.mookie1.com
1 KB
3 ad4mat.net
prod-rtb.ad4mat.net
static-de.ad4mat.net
ad4mat.net
5 KB
3 doublemax.net
adx.doublemax.net
2 KB
2 m-t.io
w-it.m-t.io
280 B
2 awin1.com
www.awin1.com
1 KB
2 creativecdn.com
prebid-asia.creativecdn.com
358 B
2 lndata.com
cm.lndata.com
940 B
2 casalemedia.com
ssum-sec.casalemedia.com
2 KB
2 pubmatic.com
image6.pubmatic.com
2 KB
2 openx.net
rtb.openx.net
758 B
2 scorecardresearch.com
sb.scorecardresearch.com
1 KB
2 cloudfront.net
d31qbv1cthcecs.cloudfront.net
a99382509d01641f1416d73d5c31b2dcf.profile.nrt51-c3.cloudfront.net
2 KB
2 google-analytics.com
www.google-analytics.com
19 KB
1 gstatic.com
fonts.gstatic.com
15 KB
1 googleapis.com
fonts.googleapis.com
632 B
1 innovid.com
ag.innovid.com
296 B
1 rubiconproject.com
pixel.rubiconproject.com
460 B
1 quantserve.com
cms.quantserve.com
463 B
1 treasuredata.com
in.treasuredata.com
515 B
1 innity.com
as.innity.com
599 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
138 B
1 alexametrics.com
certify.alexametrics.com
550 B
1 mxpnl.com
cdn.mxpnl.com
25 KB
1 googletagmanager.com
www.googletagmanager.com
47 KB
1 innity.net
cdn.innity.net
4 KB
594 51
Domain Requested by
148 www.moneydj.com www.moneydj.com
www.googletagmanager.com
64 tpc.googlesyndication.com securepubads.g.doubleclick.net
42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.moneydj.com
adx.doublemax.net
54 pagead2.googlesyndication.com 42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com
pagead2.googlesyndication.com
www.googletagservices.com
tpc.googlesyndication.com
www.moneydj.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
adx.doublemax.net
agent.aralego.com
31 securepubads.g.doubleclick.net www.moneydj.com
www.googletagservices.com
securepubads.g.doubleclick.net
42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com
cdn.aralego.net
22 sync.aralego.com 17 redirects ads.aralego.com
www.moneydj.com
agent.aralego.com
21 banner-cfnetwork.cdn.hinet.net cdn.holmesmind.com
www.moneydj.com
adx.doublemax.net
17 cdn.aralego.net adx.doublemax.net
ads.aralego.com
www.moneydj.com
agent.aralego.com
16 googleads.g.doubleclick.net 3 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
16 www.googletagservices.com www.moneydj.com
securepubads.g.doubleclick.net
42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
15 cdn.holmesmind.com ads.aralego.com
cdn.holmesmind.com
ad.holmesmind.com
14 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
13 cm.g.doubleclick.net 8 redirects www.moneydj.com
googleads.g.doubleclick.net
9 static.criteo.net cdn.holmesmind.com
adx.doublemax.net
9 ad.holmesmind.com cdn.holmesmind.com
adx.doublemax.net
9 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
8 ccm.holmesmind.com adx.doublemax.net
8 pr-bh.ybp.yahoo.com 8 redirects
8 c.holmesmind.com 2 redirects adx.doublemax.net
cdn.holmesmind.com
8 ads.aralego.com 3 redirects ads.aralego.com
agent.aralego.com
8 www.google.com 2 redirects www.moneydj.com
securepubads.g.doubleclick.net
apis.google.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
7 www.facebook.com www.moneydj.com
connect.facebook.net
6 assets.ad4m.at as.ad4m.at
6 x.bidswitch.net 6 redirects
6 bidder.criteo.com static.criteo.net
5 ad4m.at googleads.g.doubleclick.net
ad4m.at
5 r.popin.cc www.moneydj.com
5 log.popin.cc www.moneydj.com
5 adservice.google.ch securepubads.g.doubleclick.net
5 api.popin.cc www.moneydj.com
api.popin.cc
5 connect.facebook.net www.moneydj.com
connect.facebook.net
fcm.holmesmind.com
4 t.ssp.hinet.net 2 redirects cdn.holmesmind.com
4 match.adsrvr.org 4 redirects
4 static.xx.fbcdn.net www.facebook.com
4 partner.googleadservices.com pagead2.googlesyndication.com
4 apis.google.com www.moneydj.com
apis.google.com
3 track.webgains.com as.ad4m.at
analytics.webgains.io
3 m.holmesmind.com cdn.holmesmind.com
3 prebid.scupio.com banner-cfnetwork.cdn.hinet.net
3 odr.mookie1.com googleads.g.doubleclick.net
www.moneydj.com
adx.doublemax.net
3 gum.criteo.com static.criteo.net
3 adcdn.holmesmind.com cdn.holmesmind.com
3 adx.doublemax.net pagead2.googlesyndication.com
2 w-it.m-t.io analytics-wg.webgains.io
2 api.webgains.io analytics.webgains.io
2 www.awin1.com as.ad4m.at
2 as.ad4m.at ad4m.at
as.ad4m.at
2 agent.aralego.com 2 redirects
2 prebid-asia.creativecdn.com banner-cfnetwork.cdn.hinet.net
2 cm.lndata.com cdn.holmesmind.com
2 ssum-sec.casalemedia.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 rtb.openx.net 2 redirects
2 fcm.holmesmind.com cdn.holmesmind.com
2 42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 sb.scorecardresearch.com 1 redirects www.moneydj.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 adx.c.appier.net www.moneydj.com
apn.c.appier.net
1 analytics-wg.webgains.io analytics.webgains.io
1 a34cc39bd0f9c9f3519b698b8b451ecd.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 diapi.webgains.com track.webgains.com
1 analytics.webgains.io track.webgains.com
1 9fe089ac5a44ca1242abcdc8619b24b1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 15e2e1f16b5f2f84618a37cb96f8aaf0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 0a8774b85665cee7386fd9954e38dbde.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com tpc.googlesyndication.com
1 ad4mat.net ad4m.at
1 static-de.ad4mat.net ad4m.at
1 ag.innovid.com googleads.g.doubleclick.net
1 pixel.rubiconproject.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 prod-rtb.ad4mat.net googleads.g.doubleclick.net
1 inrecsys.popin.cc www.moneydj.com
1 in.treasuredata.com api.popin.cc
1 fc386651256b78a5c9b2e79466c235fa.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 tw.popin.cc api.popin.cc
1 as.innity.com cdn.innity.net
1 a99382509d01641f1416d73d5c31b2dcf.profile.nrt51-c3.cloudfront.net www.moneydj.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com 1 redirects
1 certify.alexametrics.com www.moneydj.com
1 www.google.de www.moneydj.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.mxpnl.com www.moneydj.com
1 d31qbv1cthcecs.cloudfront.net www.moneydj.com
1 www.googletagmanager.com www.moneydj.com
1 cdn.innity.net www.moneydj.com
1 gocm.c.appier.net 1 redirects
1 apn.c.appier.net 1 redirects
0 ad2.apx.appier.net Failed banner-cfnetwork.cdn.hinet.net
594 89
Subject Issuer Validity Valid
*.moneydj.com
TWCA Secure SSL Certification Authority		 2020-03-02 -
2022-04-17		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.c.appier.net
R3		 2021-04-10 -
2021-07-09		 3 months crt.sh
*.apis.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
*.innity.net
DigiCert Secure Site ECC CA-1		 2020-04-10 -
2021-07-10		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
*.mxpnl.com
RapidSSL RSA CA 2018		 2019-07-29 -
2021-07-28		 2 years crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
certify.alexametrics.com
Amazon		 2020-07-12 -
2021-08-12		 a year crt.sh
*.profile.nrt51-c3.cloudfront.net
Amazon		 2020-05-30 -
2021-06-30		 a year crt.sh
*.doublemax.net
Go Daddy Secure Certificate Authority - G2		 2020-04-24 -
2021-06-24		 a year crt.sh
api.popin.cc
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-25 -
2022-03-30		 a year crt.sh
*.innity.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-11 -
2021-12-12		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-19 -
2021-07-19		 a year crt.sh
*.popin.cc
DigiCert Secure Site Pro CN CA G3		 2020-11-12 -
2021-11-15		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-23 -
2021-11-21		 2 years crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2020-05-18 -
2021-07-17		 a year crt.sh
*.cdn.hinet.net
 2019-05-10 -
2021-08-11		 2 years crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.google.ch
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.treasuredata.com
Amazon		 2020-10-16 -
2021-11-15		 a year crt.sh
*.ad4mat.net
AlphaSSL CA - SHA256 - G2		 2019-08-06 -
2021-09-08		 2 years crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018		 2020-02-07 -
2022-04-07		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2019-10-15 -
2021-10-28		 2 years crt.sh
*.gstatic.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.lndata.com
GeoTrust RSA CA 2018		 2020-12-01 -
2022-01-01		 a year crt.sh
*.ssp.hinet.net
 2020-10-19 -
2021-10-19		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.googleusercontent.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
www.awin1.com
DigiCert Secure Site ECC CA-1		 2020-04-21 -
2021-07-21		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2019-05-20 -
2021-06-08		 2 years crt.sh
*.webgains.io
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
w-it.m-t.io
GTS CA 1D4		 2021-04-09 -
2021-07-09		 3 months crt.sh

This page contains 69 frames:

Primary Page: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Frame ID: E40FE7B24215C62C0014DD9A9E32D96A
Requests: 193 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDgUDpqz0HGMb9asqEEiK_ry2-ZMPVswPhE0lfWXBJNd5wRRhhPM2q0-VB_zF408RVUc8jLvz-8lC8ih5LqTveivyzqW2Qoo6GoLn1hofbpQi2s78z9UbNAgrSaof6tWb0ioiFy1rtoKNBfzpRf7Vafv5tnwBOc4rnyZOcinGuwm_nlmsOfYVOp9dR7ejbfCFJQPMaemmb9R_IsA_Avb8CsBK5poTnyRRbtXd-g6_fg6hBQLwV-CJS-fxS1WBmtKDzdxGLQuVJtI32kCbUmHsH1vGCbHtVoqghw2QJodsy6SLbnx7lGQXvLQRAKA&sai=AMfl-YRHUsoPax0P33RMi6-gko58hF3QXg8xxNEa2wacciBubTwlgRb6lP_DxtG2UW2JnJqXM9hZjsnffWpLoX2YKePxNWq_XF6YfZCvrd6fIfpeLJilRPhsDJgZVufBZ_o&sig=Cg0ArKJSzE-QJLAZqPlkEAE&adurl=
Frame ID: 69000813D3174C4560FD33EF3FAF9EA2
Requests: 8 HTTP requests in this frame

Frame: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Frame ID: C7825CF58981165605129EC6B088DC92
Requests: 16 HTTP requests in this frame

Frame: https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B120F99072E5F074A32F52EA19C3DBF8
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210426/r20190131/zrt_lookup.html
Frame ID: 374C8E60375CE6D115AFA61D767BF420
Requests: 1 HTTP requests in this frame

Frame: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Frame ID: 56EE438B098C5BFE60AD851A4C8E336B
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 128377ABC8AEBA107542E5A97292C2FB
Requests: 2 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&origin=https%3A%2F%2Fwww.moneydj.com&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bSaSBnJo3mU.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ%2Fm%3D__features__
Frame ID: 8D4778343C4C1C535C625BB85F1B0B37
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&origin=https%3A%2F%2Fwww.moneydj.com&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bSaSBnJo3mU.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ%2Fm%3D__features__
Frame ID: 531852AE6A5A4EEDBFE4653A7656692A
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c9ed5a40db72%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff1a67a8d298d46c%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400
Frame ID: 2B05D5275B38CD69775B936BF3BE67F2
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df38ffeba3cc7848%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff1a67a8d298d46c%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400
Frame ID: 36FB971B475DCEC0D5FCC176BCADB46D
Requests: 4 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: FB1DD51F373870B158E968DC768610F5
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-TFFAay-P02IdpSYbaVGLdC1XuBGCa8b-Quro-Ugu9SlXobFnhdT5JbmvphvpFv8frlkvB8OatMo9O-1Wc_vJVjuj7VUVYauH2XaSRpPLXzrW5F7_UEikiTgLSeZ2m43e3tXD2npC9cmBlSPRTN2BaM_NJvSV9QOTW9p5Kabq6ymsvugGnSoZ3qCnRq_oIFeKzJcNpEWLf7xnTLk6CYByjFSaOQraAPBJynPXxExL1Ks8hK-FDuiBTnOjkh92R9mm06vaY-e5HzDcOk-eDc7H6rjppcJDc9AULPX_cHDphptF0OA4z1Mh9btjFpTmRGe1&sai=AMfl-YQtfZq7rwoFKMu3GIC6TbIM5lzBW68yFk30Wuq1oKlqAH2DWCbRbUS2gg9xhz93C6uwY3UN9qzCvgokLgjiMh0-__xAcEhf-pPQIbhqwHqocLP-rYkTCcMLHCX9p8wm&sig=Cg0ArKJSzDESLRnMT4pgEAE&urlfix=1&adurl=
Frame ID: 77A37B4EC340C3300115FA444F51B78E
Requests: 14 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Frame ID: 72933A3A504E894572A982E6DC542108
Requests: 11 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: F67F5BDF8CA6D8AE3B4784257B5C2AB7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 7D280BDDE2D4251A752033FB9C374F6D
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 2C50080D2C8F224BDA9BF4AC50DD478A
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=250&slotname=3056157929&adk=2064055290&adf=1690199770&pi=t.ma~as.3056157929&w=300&lmt=1619576286&psa=0&format=300x250&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576286558&bpp=6&bdt=7905&idt=114&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e627a0e13d8b92a-22a022dff5c700b4%3AT%3D1619576286%3AS%3DALNI_MYf9XjSbFA35uroDWBs9iXMHmmDeQ&correlator=4570452623641&frm=20&pv=2&ga_vid=2084249410.1619576283&ga_sid=1619576283&ga_hid=2053972232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431&oid=2&pvsid=2016457015839363&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZSWUThv7xe&p=https%3A//www.moneydj.com&dtd=135
Frame ID: 557D0BBCFAA12DE0979EF4C56D7A65E8
Requests: 8 HTTP requests in this frame

Frame: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x250_NewsRight.html
Frame ID: 8031973FFD02D4CB0FE7C41939ADB117
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&adk=1812271804&adf=3025194257&lmt=1619576286&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576286565&bpp=1&bdt=7912&idt=172&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e627a0e13d8b92a-22a022dff5c700b4%3AT%3D1619576286%3AS%3DALNI_MYf9XjSbFA35uroDWBs9iXMHmmDeQ&prev_fmts=300x250&nras=1&correlator=4570452623641&frm=20&pv=1&ga_vid=2084249410.1619576283&ga_sid=1619576283&ga_hid=2053972232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431&oid=2&pvsid=2016457015839363&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&dtd=180
Frame ID: 76B402CD4EB7ECC577FABF91E7F2C102
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5tZVytnP6QMcxJ6ok4GfYiMb_M1GCgn4GaAgIvCpzRt1fHwdYVr_ckEpAbgfp-vfYMm-l5YXUOKMhb5BImLFfQhl9A4Tz5NuIYy5VzX0Vq7nDiHf-8FRST-jhbwv4UwdjlBNTGcrX33n7MgH7k7aT3WJ2LFQv1VARcE84C8JMkxeVXp8Hm-ZsiKQB7MePlBSHD32KKPnrv82ETIuFE32YkI_GVnCHikYUDGqP9u3HI8GMRi29OAJEshisCXdYp5DKyltSOmPpE0pdGnppgNjubmQBfFrxuW1xPAPvGWejjQCWsaLphq3-&sai=AMfl-YReCNdyZl3hdTvw_BEeWSgOZ4wCa9o-xmVEmiPFDf7ZxNX5OO6tZcB9sL4n4gTFwiS2ewJgAA64qCkQSHcEZ5a-Z6YuQsmV582sF5Yn3FSfC2fkJWHDI8ByM3NWCtY&sig=Cg0ArKJSzI1CK1DbKRrcEAE&urlfix=1&adurl=
Frame ID: 0A9AC886024C14B6A40BD2CE42A61B4D
Requests: 13 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.moneydj.com
Frame ID: C12B0BCE77C16C04A1050E4D4E58FF3A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjh85qQMFOySgUMGIrj9YTzeGG0D_-obg7yEMepIpI4mRYAHrlAhF6BOLirACP0DUV3e2Ytyb7qRFIeNbh5WAOy3yJ6m7Nv1i7tNFYPwi2XRuDPLckXOlFi5VYQm-FMK8ilnGkBLqdz-FjI4PBefaBem0Y1VdfT_gOiDPLxRQ29oxz6ZVpvD2ia0xYWM3CtHKhnh5iRQQWNM9xaV3E81ahOBnlpxXOXWUxbEkzUNRFM86L5-mi1Afa331syXvvbahopRW2z3UACG8HFFmpyo9ZjCO704vQbW2lct7m4Ln2UjS3PutQttGg-w&sai=AMfl-YQu0KfcmzloOEtwCCqRMDnzMLFWrSGvu6U0vurABp3Gli8WGm6bD_w10YnaKBTrNUSMjdSfDyGguf96tuUE81N5Crj-Gq84LoWmMJf9-PV3q2LPjzJq5po2bHxzbe4&sig=Cg0ArKJSzH3hGIsYYkKDEAE&urlfix=1&adurl=
Frame ID: 8A7414D87E115EA2AE2B46923EBC8230
Requests: 13 HTTP requests in this frame

Frame: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
Frame ID: E4138907B615DB9C6A3A1795E520294E
Requests: 6 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1j1ag38060dwzawvew6ac4mhscp3jkwrfrhrgsj3940d7w25xpyywg2sqh0bngwvbnppr3z3zzpy5f60n57sa40x2nd8k6h0wkmra0a4jsg3n1tmwg85q1jq5yszjprnqjgkc8w0dwhea2kxbaf0wgn9m6p8v50zqdzzjkf4s4rf3f8gqc7mhjjdx4m738xcx4m2twc1ndgw6n0brpgbrpa9dt0vfr21mm77a7cm7qw759ds733kjczqzv6y4w4741k8n7bswh13zgpjmd2w49fjm0rztsj3k6ztmy6kvvc7j89knym2wm263k08f7rd455s52d6rq1801exy4thqmxr9tx63hsf25bm6xhjc4dca91gpwegr4mfgbang&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCey1N3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8wFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInbYLrAKNEOsa6-Ddh4FlbXnifNp4U2ABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_1vqx_tTP2IoJ4ADA0ctjrJ2PpNeg%26client%3Dca-pub-7492323758213965%26adurl%3D
Frame ID: F254C264CF580F845BE9BA1495F822F9
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CD265219AD4F698D0FAFEECF90E216AA
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: E151B5B712E7609AD29C0C6D88C076D5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186318&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576287184&bpp=7&bdt=142&idt=128&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D20a3dbcfdaf52438-22090e1ef6c7006a%3AT%3D1619576286%3AS%3DALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ&correlator=4570452623641&frm=23&ife=4&pv=1&ga_vid=1016269126.1619576287&ga_sid=1619576287&ga_hid=1081897623&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2111&biw=1600&bih=1200&isw=728&ish=90&ifk=3341727983&scr_x=0&scr_y=0&eid=44741423%2C31060710%2C31060839&oid=3&pvsid=2998172431654948&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ylxf3hcp3uhe&btvi=1&fsb=1&dtd=147
Frame ID: 663A78E3351566D44203F3F39E6D85A7
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 888BAFDD3129AA0372388F6FC3C151F1
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: 33F4A9DD8A2454A6BD969908E2B4F123
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 8B55BF426E6B78D164A6C4C6DB6647F1
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D88130BA22A61D26B4D42B1691F1995F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/index.html
Frame ID: 6D40F2C212F5443B5A879D2C993B6AEF
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 8951AA43BB937B915FC955A5716D3661
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Frame ID: F3BE2EC2D9A564A2DA834BD338C04386
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 6563B3B797A9C72E981B5DEDC91A63FC
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 9288A7AE870BBAAEE4BFD4FD1512AD27
Requests: 12 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 4DAB35F6005F813F865CFB000CD4F4A8
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: F9FB6EBE3959D1EF4BAE68A6CC8F1FFF
Requests: 4 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 72ECD1D136BE5EA440CBBD370F7371F9
Requests: 22 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.moneydj.com
Frame ID: 202AF5979AFAFD05AA56CBB7A5426F7B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 73917FFACDC18CDF44380EEB35D226E9
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: D16C669C241856C8090C5917ABEE7A37
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 18FA0AA18F53E3DAD798330A4092C411
Requests: 2 HTTP requests in this frame

Frame: https://m.holmesmind.com/ml/google?log_type=view&DMP_SR=clickforce&info=10846:9281:24506:693de5234c58e1209c5aa9d5c1c62975:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200519%2Fturn%2Fcf-160x600_newslefttop.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=&ce=1&google_gid=CAESECHGGoIgTeJA3BNc77m1DFA&google_cver=1
Frame ID: B504939A946FDA55B175FC1188F56CAA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Frame ID: 1BEA114544DA194CFC06B7C3D4300540
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 5D84C4148B2EF401CB9F62BE669665E1
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7AC63C2A754239E69AC939DE06499A83
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 0A7088FE4A58851747A190793111ED98
Requests: 4 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 2507F3823E5FE767868D13D29496EF7A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: E7E8161951D8D638E48A5868621EE8C5
Requests: 4 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 493A4A64DAAA2A7BE68816ED47BC0C6E
Requests: 22 HTTP requests in this frame

Frame: https://m.holmesmind.com/ml/google?log_type=view&DMP_SR=clickforce&info=10623:30258:85886:6abd800375960f84dffdfbec79aeae8e:6893,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2Fturn%2Fcf-300x250_newsright.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq&ce=1&google_gid=CAESECHGGoIgTeJA3BNc77m1DFA&google_cver=1
Frame ID: 31659F3EF0D0AA54D887D52D72824C9E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Frame ID: F92DF66BCCF20AD139717FC178A5ADA9
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.moneydj.com
Frame ID: 4365937BE1D287E43CA75882F7CBAACE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 27AE6A1A2B375A0E226336F5C095B013
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=3fa5998ae4de7c61c518260323ce1b0b%2F6000615845873916454&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D207gdf203pwebbp0a6ay7sqq593w9k9qb80thzrg5t8shthfm84d4x4xk1edw8p9k3wa5ycs0vne9g6xm74fp9yvkjvb8gth8qbvtwctc6kyzsmkekehgy94v2ahbqspt328162j6905gykrq7j3w3czaxvb4gmxdafb65wtna579yqag5qa09x4jn2q6qfxd1mr1482g83jhx6zg7vwh2dk7z2yvcmy6qvbq5fxcf5cfptfv1h9r6hexsf8c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCey1N3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8wFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInbYLrAKNEOsa6-Ddh4FlbXnifNp4U2ABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1vqx_tTP2IoJ4ADA0ctjrJ2PpNeg%2526client%253Dca-pub-7492323758213965%2526adurl%253D&y=0&z=0
Frame ID: 714AF2EE7065094EFBEAA2347DDB55B6
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 4FBCDACCEE0B36E74CC41AB81720D560
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: 6F65FCFB3CA140BE8BBBE4E624B72BFC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=7340821670&adk=3457804429&adf=2947443278&pi=t.ma~as.7340821670&w=160&psa=0&format=160x600&url=https%3A%2F%2Fwww.moneydj.com&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576290579&bpp=5&bdt=1466&idt=63&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&correlator=5953846217364&frm=8&ife=1&pv=2&ga_vid=1980705266.1619576291&ga_sid=1619576291&ga_hid=1612520566&ga_fc=0&nhd=6&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=629493085&scr_x=-12245933&scr_y=-12245933&eid=42530672&oid=3&pvsid=3126043947545849&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5nrjqt72ydtr&fsb=1&dtd=81
Frame ID: B26FB31FB80FD93C01BD465B25DB58AF
Requests: 1 HTTP requests in this frame

Frame: https://m.holmesmind.com/ml/google?log_type=view&DMP_SR=clickforce&info=10624:9280:24505:45e557095e43103c86a8afa9c26d864b:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2Fturn%2Fcf-300x600_newsrightdown.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq&ce=1&google_gid=CAESEE0EJF80gGJ1TWSRfYWIvy0&google_cver=1
Frame ID: 3D814AA9087012F5C1997653FC07A440
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 39071DE7D531A4522A832599A3214AE0
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Frame ID: AC39C5C7AF0D63954BADB71542C35FF3
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: B983EBED0A32DAC1D9BB065F06EDDF15
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 4ADCF2A0C4E994CDE1E3444196F7751E
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=3588568482&adk=107357254&adf=1310142530&pi=t.ma~as.3588568482&w=300&psa=0&format=300x600&url=https%3A%2F%2Fwww.moneydj.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576292482&bpp=2&bdt=1511&idt=54&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&correlator=1473286915985&frm=8&ife=1&pv=2&ga_vid=2029476265.1619576293&ga_sid=1619576293&ga_hid=1713067376&ga_fc=0&nhd=6&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=600&ifk=1803030738&scr_x=-12245933&scr_y=-12245933&eid=44740387&oid=3&pvsid=2833835312066929&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cgkpmznvc7qn&fsb=1&dtd=68
Frame ID: 230B6DBE07E34C3E16DBBDFABE45CB35
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 2EC3E5EE02680B559F69E5A917260203
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/index.html
Frame ID: 10BB8D498CF465B985A4CFC76D37230D
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A12C33C88B7E9D19EB562F81164228AC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • url /\.aspx?(?:$|\?)/i
Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Page Statistics

594
Requests

99 %
HTTPS

44 %
IPv6

51
Domains

89
Subdomains

70
IPs

9
Countries

5676 kB
Transfer

13655 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=Hhc9Br-U HTTP 307
  • https://gocm.c.appier.net/apnnet?haid=Hhc9Br-U&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fpb.js HTTP 302
  • https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=WWj_mtMFDA-lv9C018WIYA&haid=Hhc9Br-U
Request Chain 105
  • https://sb.scorecardresearch.com/b?c1=2&c2=33501131&ns__t=1619576283350&ns_c=UTF-8&c8=%E6%96%B0%E5%8A%A0%E5%9D%A1%E8%88%87%E6%9F%90%E4%BA%9B%E5%9C%8B%E5%AE%B6%E5%90%88%E4%BD%9C%E5%BB%BA%E7%AB%8B%E5%8F%AF%E9%80%A3%E6%8E%A5%E9%9B%BB%E5%AD%90%E4%BB%98%E6%AC%BE%E7%B3%BB%E7%B5%B1%EF%BC%8C%E4%B8%A6%E6%8E%A2%E8%A8%8E%E6%9C%AA%E4%BE%86%E5%BB%BA%E7%AB%8B%E5%A4%9A%E9%82%8A%E8%B7%A8%E5%A2%83%E4%BB%98%E6%AC%BE%E7%B3%BB%E7%B5%B1%20-%20%E6%96%B0%E8%81%9E%20-%20%E8%B2%A1%E7%B6%93%E7%9F%A5%E8%AD%98%E5%BA%AB%20-%20MoneyDJ%E7%90%86%E8%B2%A1%E7%B6%B2&c7=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=33501131&ns__t=1619576283350&ns_c=UTF-8&c8=%E6%96%B0%E5%8A%A0%E5%9D%A1%E8%88%87%E6%9F%90%E4%BA%9B%E5%9C%8B%E5%AE%B6%E5%90%88%E4%BD%9C%E5%BB%BA%E7%AB%8B%E5%8F%AF%E9%80%A3%E6%8E%A5%E9%9B%BB%E5%AD%90%E4%BB%98%E6%AC%BE%E7%B3%BB%E7%B5%B1%EF%BC%8C%E4%B8%A6%E6%8E%A2%E8%A8%8E%E6%9C%AA%E4%BE%86%E5%BB%BA%E7%AB%8B%E5%A4%9A%E9%82%8A%E8%B7%A8%E5%A2%83%E4%BB%98%E6%AC%BE%E7%B3%BB%E7%B5%B1%20-%20%E6%96%B0%E8%81%9E%20-%20%E8%B2%A1%E7%B6%93%E7%9F%A5%E8%AD%98%E5%BA%AB%20-%20MoneyDJ%E7%90%86%E8%B2%A1%E7%B6%B2&c7=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&c9=
Request Chain 117
  • https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png HTTP 302
  • https://a99382509d01641f1416d73d5c31b2dcf.profile.nrt51-c3.cloudfront.net/test.png
Request Chain 167
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=600&slotname=7595289909%2F10846&adk=1326293989&adf=816031632&pi=t.ma~as.7595289909%2F10846&w=160&url=https%3A%2F%2Fwww.moneydj.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576284765&bpp=23&bdt=34&idt=118&shv=r20210426&cbv=r20190131&ptt=5&saldr=sa&correlator=2716429704232&frm=24&ife=3&pv=2&ga_vid=1219951711.1619576285&ga_sid=1619576285&ga_hid=1669025900&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=632989774&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=47819781796240&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.hgvlypx9msph&fsb=1&dtd=136 HTTP 302
  • https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Request Chain 173
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 222
  • https://sync.aralego.com/idsync HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-5gvO80xE2oU0dfBeo59swZCxmzfDlXdRw6ESMvE-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=c7a7cd14-5e2b-4f66-9c9d-d73cb700982a HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-5gvO80xE2oU0dfBeo59swZCxmzfDlXdRw6ESMvE-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=c7a7cd14-5e2b-4f66-9c9d-d73cb700982a HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-5gvO80xE2oU0dfBeo59swZCxmzfDlXdRw6ESMvE-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=c7a7cd14-5e2b-4f66-9c9d-d73cb700982a HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-5gvO80xE2oU0dfBeo59swZCxmzfDlXdRw6ESMvE-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=4afde29a-8484-4533-9912-cd79f8d7ea5d HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-opTIp19E2oUHCUcBAecfZX07zlzlXrwNkxeZcCg-~A&redirect=
Request Chain 228
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 235
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 244
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=7595289909%2F10623&adk=994438583&adf=816031646&pi=t.ma~as.7595289909%2F10623&w=300&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576286584&bpp=14&bdt=47&idt=125&shv=r20210426&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D8e627a0e13d8b92a-22a022dff5c700b4%3AT%3D1619576286%3AS%3DALNI_MYf9XjSbFA35uroDWBs9iXMHmmDeQ&correlator=4570452623641&frm=23&ife=4&pv=2&ga_vid=377648637.1619576287&ga_sid=1619576287&ga_hid=884739547&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=924&biw=1600&bih=1200&isw=300&ish=250&ifk=1389141597&scr_x=0&scr_y=0&eid=42530672%2C31060839&oid=3&pvsid=3524611513505430&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qphtaipr2das&fsb=1&dtd=139 HTTP 302
  • https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x250_NewsRight.html
Request Chain 292
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=600&slotname=7595289909%2F10624&adk=5587611&adf=272530241&pi=t.ma~as.7595289909%2F10624&w=300&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576286838&bpp=11&bdt=63&idt=245&shv=r20210426&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D20a3dbcfdaf52438-22090e1ef6c7006a%3AT%3D1619576286%3AS%3DALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ&correlator=4570452623641&frm=23&ife=4&pv=1&ga_vid=1863273667.1619576287&ga_sid=1619576287&ga_hid=566769407&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=1329&biw=1600&bih=1200&isw=300&ish=600&ifk=3817893244&scr_x=0&scr_y=0&eid=42530672%2C21066428%2C31060614&oid=3&pvsid=2857163765130310&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d0kiijp0nthb&btvi=1&fsb=1&dtd=265 HTTP 302
  • https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
Request Chain 304
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 313
  • https://rtb.openx.net/sync/dds?google_gid=CAESENzVzf37Z-VNmgtk_4f1buQ&google_cver=1&google_push=AQvitUK85wIkLLaKEJOPkyMY-TYx4fG3b7ljVO9QbRb1T-duB1iJVudx1g23U6mBQHigj3rTt6BqbNQhSI4QekVBS1_lvUSxgQ HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESENzVzf37Z-VNmgtk_4f1buQ&google_cver=1&google_push=AQvitUK85wIkLLaKEJOPkyMY-TYx4fG3b7ljVO9QbRb1T-duB1iJVudx1g23U6mBQHigj3rTt6BqbNQhSI4QekVBS1_lvUSxgQ&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK85wIkLLaKEJOPkyMY-TYx4fG3b7ljVO9QbRb1T-duB1iJVudx1g23U6mBQHigj3rTt6BqbNQhSI4QekVBS1_lvUSxgQ&google_hm=0aeZHMOKzRAWbeCNBDgZDg==
Request Chain 314
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGRY6XGdQGCsUng5snaBoEs&google_cver=1&google_push=AQvitUKlV5Pdq8dCCBqGGfomHGRv2p2J1Y-eeZtqAgf0s9GA4Ku2JitbCJkgCPoyYUEIUgLXb0uRZxy1DrvwZAQsP5JpA-G1FA HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGRY6XGdQGCsUng5snaBoEs&google_cver=1&google_push=AQvitUKlV5Pdq8dCCBqGGfomHGRv2p2J1Y-eeZtqAgf0s9GA4Ku2JitbCJkgCPoyYUEIUgLXb0uRZxy1DrvwZAQsP5JpA-G1FA&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iBZczovtQ8yLFWLzDfiowg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKlV5Pdq8dCCBqGGfomHGRv2p2J1Y-eeZtqAgf0s9GA4Ku2JitbCJkgCPoyYUEIUgLXb0uRZxy1DrvwZAQsP5JpA-G1FA
Request Chain 315
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDSnYNazDQzYJyCqX3iOYTI&google_cver=1&google_push=AQvitUI0EVceHdrO6sjlEuVmzcGb1va0N-V2HfSDDzmHQSA-KIO2-_7J7CCE_b98Vc_GamsgC12zeBDh7DG73rpKhtIWFZZ2V3s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S08wVFdMN0wtMUYtOVBDNQ==&google_push=AQvitUI0EVceHdrO6sjlEuVmzcGb1va0N-V2HfSDDzmHQSA-KIO2-_7J7CCE_b98Vc_GamsgC12zeBDh7DG73rpKhtIWFZZ2V3s
Request Chain 316
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMQaQtQZ8OxxAMcA0atUAB4&google_cver=1&google_push=AQvitUKQUc7qF7qsZa5Htpijbdj8M_7X2R3BKk--BDTYbhijcEkIl26xSUvD8vBXs_Zc7kaerecm7_LSo8am7KIm5S6XG65R1A HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMQaQtQZ8OxxAMcA0atUAB4&google_cver=1&google_push=AQvitUKQUc7qF7qsZa5Htpijbdj8M_7X2R3BKk--BDTYbhijcEkIl26xSUvD8vBXs_Zc7kaerecm7_LSo8am7KIm5S6XG65R1A&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIjF35lCNtNWT6fJzv6JcQAABHcAAAIB&google_gid=CAESEMQaQtQZ8OxxAMcA0atUAB4&google_push=AQvitUKQUc7qF7qsZa5Htpijbdj8M_7X2R3BKk--BDTYbhijcEkIl26xSUvD8vBXs_Zc7kaerecm7_LSo8am7KIm5S6XG65R1A&google_cver=1
Request Chain 356
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 375
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 377
  • https://sync.aralego.com/idsync HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-5gvO80xE2oU0dfBeo59swZCxmzfDlXdRw6ESMvE-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=c7a7cd14-5e2b-4f66-9c9d-d73cb700982a HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-5gvO80xE2oU0dfBeo59swZCxmzfDlXdRw6ESMvE-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=c7a7cd14-5e2b-4f66-9c9d-d73cb700982a HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-opTIp19E2oUHCUcBAecfZX07zlzlXrwNkxeZcCg-~A&redirect= HTTP 302
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=f0d79a70-c676-377b-bbe4-4acc550a180c&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=ucfunnel&user_id=f0d79a70-c676-377b-bbe4-4acc550a180c&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=247bc810-c3c6-4272-bc7d-dd03b9d598e9&ssp=ucfunnel&gdpr=0&gdpr_consent=
Request Chain 392
  • https://t.ssp.hinet.net/cm?c=cf&ref=https%3A%2F%2Fcdn.holmesmind.com%2Fjs%2Fcapmapping.htm&cid=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq HTTP 302
  • https://t.ssp.hinet.net/?next=https%3A%2F%2Ft.ssp.hinet.net%2Fcm%3Fc%3Dcf%26cid%3D332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq%26ref%3Dhttps%253A%252F%252Fcdn.holmesmind.com%252Fjs%252Fcapmapping.htm%26flag%3D1 HTTP 302
  • https://t.ssp.hinet.net/cm?c=cf&cid=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq&ref=https%3A%2F%2Fcdn.holmesmind.com%2Fjs%2Fcapmapping.htm&flag=1
Request Chain 436
  • https://agent.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 445
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&log_type=view&DMP_SR=clickforce&info=10846:9281:24506:693de5234c58e1209c5aa9d5c1c62975:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200519%2Fturn%2Fcf-160x600_newslefttop.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=&ce=1 HTTP 302
  • https://m.holmesmind.com/ml/google?log_type=view&DMP_SR=clickforce&info=10846:9281:24506:693de5234c58e1209c5aa9d5c1c62975:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200519%2Fturn%2Fcf-160x600_newslefttop.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=&ce=1&google_gid=CAESECHGGoIgTeJA3BNc77m1DFA&google_cver=1
Request Chain 451
  • https://sync.aralego.com/idsync HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-5gvO80xE2oU0dfBeo59swZCxmzfDlXdRw6ESMvE-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=c7a7cd14-5e2b-4f66-9c9d-d73cb700982a HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-5gvO80xE2oU0dfBeo59swZCxmzfDlXdRw6ESMvE-~A&redirect= HTTP 302
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=f0d79a70-c676-377b-bbe4-4acc550a180c&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=ucfunnel&user_id=f0d79a70-c676-377b-bbe4-4acc550a180c&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=ucfunnel&bsw_param=247bc810-c3c6-4272-bc7d-dd03b9d598e9&google_hm=MjQ3YmM4MTAtYzNjNi00MjcyLWJjN2QtZGQwM2I5ZDU5OGU5 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEOCTVLhgNry1V0Od698TIpw&google_cver=1&ssp=ucfunnel&bsw_param=247bc810-c3c6-4272-bc7d-dd03b9d598e9 HTTP 302
  • https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=247bc810-c3c6-4272-bc7d-dd03b9d598e9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=ZjBkNzlhNzAtYzY3Ni0zNzdiLWJiZTQtNGFjYzU1MGExODBj&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png HTTP 302
  • https://cdn.aralego.net/img/1x1.png
Request Chain 477
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&log_type=view&DMP_SR=clickforce&info=10623:30258:85886:6abd800375960f84dffdfbec79aeae8e:6893,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2Fturn%2Fcf-300x250_newsright.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq&ce=1 HTTP 302
  • https://m.holmesmind.com/ml/google?log_type=view&DMP_SR=clickforce&info=10623:30258:85886:6abd800375960f84dffdfbec79aeae8e:6893,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2Fturn%2Fcf-300x250_newsright.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq&ce=1&google_gid=CAESECHGGoIgTeJA3BNc77m1DFA&google_cver=1
Request Chain 479
  • https://sync.aralego.com/idsync HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-5gvO80xE2oU0dfBeo59swZCxmzfDlXdRw6ESMvE-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=c7a7cd14-5e2b-4f66-9c9d-d73cb700982a HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-opTIp19E2oUHCUcBAecfZX07zlzlXrwNkxeZcCg-~A&redirect= HTTP 302
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=f0d79a70-c676-377b-bbe4-4acc550a180c&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=247bc810-c3c6-4272-bc7d-dd03b9d598e9&ssp=ucfunnel&gdpr=0&gdpr_consent=
Request Chain 530
  • https://agent.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 538
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&log_type=view&DMP_SR=clickforce&info=10624:9280:24505:45e557095e43103c86a8afa9c26d864b:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2Fturn%2Fcf-300x600_newsrightdown.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq&ce=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&log_type=view&DMP_SR=clickforce&info=10624:9280:24505:45e557095e43103c86a8afa9c26d864b:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2Fturn%2Fcf-300x600_newsrightdown.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq&ce=1&google_tc= HTTP 302
  • https://m.holmesmind.com/ml/google?log_type=view&DMP_SR=clickforce&info=10624:9280:24505:45e557095e43103c86a8afa9c26d864b:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2Fturn%2Fcf-300x600_newsrightdown.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq&ce=1&google_gid=CAESEE0EJF80gGJ1TWSRfYWIvy0&google_cver=1
Request Chain 551
  • https://sync.aralego.com/idsync HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-opTIp19E2oUHCUcBAecfZX07zlzlXrwNkxeZcCg-~A&redirect= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=ZjBkNzlhNzAtYzY3Ni0zNzdiLWJiZTQtNGFjYzU1MGExODBj&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=ZjBkNzlhNzAtYzY3Ni0zNzdiLWJiZTQtNGFjYzU1MGExODBj&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png&google_tc= HTTP 302
  • https://cdn.aralego.net/img/1x1.png
Request Chain 590
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

594 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set newsviewer.aspx
www.moneydj.com/kmdj/news/ 		75 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
e460547a0bec74074ab0d70cf8e7fa536492dad7775b975e682a78b37b0e351e

Request headers

Host
www.moneydj.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Set-Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:17:58 GMT; path=/ djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:17:58 GMT; path=/ memlog=9fb1900a-4884-4c9e-b720-9814f19ef582; expires=Thu, 28-Oct-2021 02:17:58 GMT; path=/
Date
Wed, 28 Apr 2021 02:17:57 GMT
Content-Length
27825
gpt.js
www.googletagservices.com/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b586b6299996b546ef44061c1c8d4d0c180b68454d475936079695bf90e8c8a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:17:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"855 / 800 of 1000 / last-modified: 1619561335"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21061
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:17:58 GMT
pb.js
adx.c.appier.net/pb/0wHT9JDiP3SORJx/
Redirect Chain
  • https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=Hhc9Br-U
  • https://gocm.c.appier.net/apnnet?haid=Hhc9Br-U&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fpb.js
  • https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=WWj_mtMFDA-lv9C018WIYA&haid=Hhc9Br-U
398 B
380 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=WWj_mtMFDA-lv9C018WIYA&haid=Hhc9Br-U
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
b0bd255c7d798824df55002643ba705cb0b25869bdb494633c63ce6c34cb1d09

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:17:59 GMT
via
1.1 google
server
nginx/1.19.0
content-encoding
gzip
alt-svc
clear
vary
Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

location
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=WWj_mtMFDA-lv9C018WIYA&haid=Hhc9Br-U
date
Wed, 28 Apr 2021 02:17:59 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
118
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Js.axd
www.moneydj.com/kmdj/ 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
57d0627e1aae9f74ebe4f63ab1eef5aba18b768ded1ffdc9073f882a7966d38d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:59 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:17:59 GMT
Cache-Control
public
Content-Length
25204
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=NYVDAJShncp1g/+fRXpEXIEXP4A=&t=/kmdj/js/jquery.ui.widget.min.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
af968225577f4253077638acb0a9f8becdddd22e1220cc18ad402fe77bab8a51

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:59 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:17:59 GMT
Cache-Control
public
Content-Length
1331
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=8GcG3iY+lEHvijKl1tzzvV1EKMc=&t=/kmdj/js/jquery.ui.position.min.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
b507e7b2bedbfde5243a084b804bddc4826f8417aa91787f4aee4d1d2f2401fe

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:59 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:17:59 GMT
Cache-Control
public
Content-Length
1312
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=MryRvFLqWZc+wnmte8XbRTa2lxc=&t=/kmdj/js/json2-min.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
49d6261225985a4f22a17dc8adc20e6385d26af45ed6ca9c847d31fbaa26259d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:59 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:17:59 GMT
Cache-Control
public
Content-Length
1321
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=NMf0J55CZMWDOOGBDTv3RzyL3GE=&t=/kmdj/js/common.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
250f32725adf2a833d48acc424fe3708dbc5696eea167652f7e4d76c7159dcd1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:59 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:00 GMT
Cache-Control
public
Content-Length
1335
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		749 B
627 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=Ex6usLMzUu14lDGPUV2ZC+ixtu0=&t=/kmdj/js/jquery.cookie.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
42e7f2776ebf7c6c73a377024b08dec8fc358251838587b12fa601c131b802bb

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:59 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:00 GMT
Cache-Control
public
Content-Length
432
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		100 B
305 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=p18yEbj7MwxwF7zoIFpTIXk03oM=&t=/kmdj/js/djchannel.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
54bcf08b9844662dfb48c7036931003dcbcf7d7fa349ac51b017423b78f0e5a0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:59 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:00 GMT
Cache-Control
public
Content-Length
110
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		558 B
568 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=yMlGZSz4I/6Wk9Z10JMYxANLRtw=&t=/kmdj/js/replaceWithViewcount.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
57f3a43ca0b1ac17802723d243fc1d1d98aba942f552bfd3f32fd23d361b9690

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:00 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:00 GMT
Cache-Control
public
Content-Length
373
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		1 KB
868 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=ZeEeCXwvxjRzQFnpTQjSxPwTUOU=&t=/kmdj/js/UserLogin.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
fad9001ba06bc6c3b2f88382c76a06b95dbdb13c2e6360b5217a6f9a3b73d5c6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:59 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:00 GMT
Cache-Control
public
Content-Length
673
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=XpkPamFgMek0CemnlynSwY+HEG8=&t=/kmdj/js/lgMsg.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
427e11d955882661532a89071884788f31a54cea94684063829a518410aca62f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:59 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:00 GMT
Cache-Control
public
Content-Length
1153
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		1001 B
678 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=Qvu8EftZwgHCs0yFiftocKDh1YQ=&t=/kmdj/js/base64.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
bf093b5c9a429e67bd8773c582377500eb7bef4cd2393cd35fec84f762d34f2e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:59 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:00 GMT
Cache-Control
public
Content-Length
483
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=Uz6MhUmT4NbNShdphIK6NG2pJdA=&t=/kmdj/js/gibberish-aes.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
585ab22137ac81dbfcc514aaea6f01028cc9413ae319a4c88d3aa535765c269b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:59 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:00 GMT
Cache-Control
public
Content-Length
7116
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=LBV9GQ8JsM0UgKwPEF5JTxfczu8=&t=/kmdj/js/jsbn.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
7f7d7878c6c7e664cc9e002ea8cd6fae8b44a61ed6604567c8cc578cc4e32d0c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:59 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:00 GMT
Cache-Control
public
Content-Length
3394
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		550 B
467 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=bVZcZRKIDw+vOhdbtnZR/4/r7GE=&t=/kmdj/js/prng4.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
10890767f8451d896ff77a8156ef0650a5a7f83304e086c8907f9f5c7331445a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:59 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:00 GMT
Cache-Control
public
Content-Length
272
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		1 KB
685 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=OT738mQd1XOKB2Fix9KC4VfaOSk=&t=/kmdj/js/rng.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
774f520ae45df6655ffab3f2f3680a9bd32ffbd9283e4b32893e0d03a383e80a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:59 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:00 GMT
Cache-Control
public
Content-Length
490
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		1 KB
838 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=mB8jYnvKMGwq+PspiaombAk5M/M=&t=/kmdj/js/rsa.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
086670ac835cb1d6bf72c32a0146baf54f11ba8fd5ef0a2eb77317d9139f5f59

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:59 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:00 GMT
Cache-Control
public
Content-Length
643
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=7y1pNAdI5NWkfAV2jJbkDFbpHf0=&t=/kmdj/js/jquery.blockUI.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
948b25f25c8c51f39f38aa13a377e3178b6402d8924deece0bdaab039e9ebe64

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:59 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:00 GMT
Cache-Control
public
Content-Length
3285
Content-Type
text/javascript
AutoComplete.css
www.moneydj.com/kmdj/App_Themes/Gold/ 		759 B
643 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/App_Themes/Gold/AutoComplete.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
bf863f2e32ddbb22f724ba98db0e898773e13b9ae6fefc8e185c6049b86e1e71

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
396
blocks.css
www.moneydj.com/kmdj/App_Themes/Gold/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/App_Themes/Gold/blocks.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
9139cc5cfdbdc0aaddafbf5e325198286e32661a8788da905ea377a3f41bb621

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Aug 2019 08:33:07 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
1335
dhtmlwindow.css
www.moneydj.com/kmdj/App_Themes/Gold/ 		1023 B
703 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/App_Themes/Gold/dhtmlwindow.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
2b87c3a88a9e0434eecab706237d91f41359b555a4f8d48624f3664ce7923b2d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
456
editform.css
www.moneydj.com/kmdj/App_Themes/Gold/ 		1 KB
734 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/App_Themes/Gold/editform.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
0bbe6c00bc9231cc9c2b0709c753f0b10df1a976b8b96e819c84dfdaf734d659

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
487
FileUploader.css
www.moneydj.com/kmdj/App_Themes/Gold/ 		2 KB
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/App_Themes/Gold/FileUploader.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
b014f174a464163b111888cd2f6b6778d2f02046bc5bc54db7dbba87e6db1b7f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
622
modal.css
www.moneydj.com/kmdj/App_Themes/Gold/ 		416 B
676 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/App_Themes/Gold/modal.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
8b0fac12f6bbb9ca9347f6ae2b57877decace3c9a4502a4366cd344381c443ca

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
429
NewDetault.css
www.moneydj.com/kmdj/App_Themes/Gold/ 		60 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
7fcd4f15c4140d7415b9fe3a9d82595a7ead612ad6b92b9b240b1678e1b02090

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Mar 2021 08:59:03 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
13282
paging.css
www.moneydj.com/kmdj/App_Themes/Gold/ 		2 KB
745 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/App_Themes/Gold/paging.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
ff8595413cb6b638ef484a7e048468e78df087088a9b6c111d6e527b5c5d8587

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
498
RadMenu.css
www.moneydj.com/kmdj/App_Themes/Gold/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/App_Themes/Gold/RadMenu.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
e51c94a436ad04dbd2f2295c65c1c138404500bd4408e290bcba7409a0fb9218

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
789
TableLayoutCss.css
www.moneydj.com/kmdj/App_Themes/Gold/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/App_Themes/Gold/TableLayoutCss.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
ab5a12172c767b9102da6612a1e9220a55a008c30d463ebbda2d9880cb775ca4

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
1201
treeview.css
www.moneydj.com/kmdj/App_Themes/Gold/ 		2 KB
668 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/App_Themes/Gold/treeview.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
a04ff2c6ab7ad41629063483eb23a5edad226bc9529668faecfb162d63bfcb9f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
421
Window.css
www.moneydj.com/kmdj/App_Themes/Gold/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/App_Themes/Gold/Window.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
915852e0927e016c97825306f47b4e7cc7450fb87de9ae737ed10bdfa63b00bd

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
1104
Js.axd
www.moneydj.com/kmdj/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=k9fK3N8Y/xks5O7bF9QbciBhvy0=&t=/kmdj/js/wikiTagJQ-min.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
c3d57d470fc761d3a241b4389a041509526fd9821cb724cfed0eda882f452f4b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:00 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:00 GMT
Cache-Control
public
Content-Length
1053
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		286 B
404 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=C5YK78iaVfq7cvuaiQP7X5CUdoI=&t=/kmdj/js/jquery.utils.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
7e9771aafa927d70fd735020afc98f1aa2c2167f206f43352b6d721d70a856d9

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:00 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:00 GMT
Cache-Control
public
Content-Length
209
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		199 B
354 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=xMMrY+LHswYlfG4bqA9HAYCtogo=&t=/kmdj/js/linkhandler.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
4bd40758f4ea07ce84f9faec3e5b88429309b006082e16d2ab938e861ac49bde

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:00 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:00 GMT
Cache-Control
public
Content-Length
159
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=Fw8yc39IiKeuI5936024lUJRsJQ=&t=/kmdj/js/jQuery.MultiSelect.Widget.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
8989d049c6d96ef8534368983923e2527f3b899310d6c623e23142823d24ea82

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:00 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:00 GMT
Cache-Control
public
Content-Length
3261
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		2 KB
802 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=Cjprpj44ZJd0fQAMoHhsFGUJXHs=&t=/kmdj/Css/jQuery.MultiSelect.Widget.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
4babe7b03c861ffd20b3cb0bc4f83a6fd404ff3360090f8033db4f7ea393a91e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:58 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:17:59 GMT
Cache-Control
public
Content-Length
614
Content-Type
text/css
Js.axd
www.moneydj.com/kmdj/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=b2P4eq9qyrL7TWVw1uxZ+r2MqWo=&t=/kmdj/js/dhtmlwindow.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
c8748716913d8745598f8d951fb16ff416f609c3f80675b33616499eb5f21ac1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:00 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:00 GMT
Cache-Control
public
Content-Length
2965
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		2 KB
998 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=3rxqeMH3l/64tBPrqzCNCw19pSM=&t=/kmdj/js/modal.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
2f1df89591ec8f48a6dc4ba04688bd9d09d28dc9e49de12ccd40f4627515772c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:00 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:01 GMT
Cache-Control
public
Content-Length
803
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		500 B
499 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=YpecCy8iZSiuTy+kS76xnIdAzd8=&t=/kmdj/js/chart/chart_setting.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
30ae3a086a91c3252a3a9af0764e1f47a838ebb45e8b019baf04edc4606e347a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:00 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:01 GMT
Cache-Control
public
Content-Length
304
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		1 KB
558 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=/Lp//nKsjm89aPVucSWFb27kSeo=&t=/kmdj/js/chart/chart_include.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
21fd600f77fa9cdcdf0342229cd39d622a88337ede6a780577454c0d5a7f6df4

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:00 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:01 GMT
Cache-Control
public
Content-Length
363
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		936 B
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=q7EdfF8KgwFJOwC7PhYGd+YRiuU=&t=/kmdj/js/chart/execuChart.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
8452a1cc15705046dd0d5f5b62b74bd212f9440ebdd8c150127815a192e0405a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:00 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:01 GMT
Cache-Control
public
Content-Length
552
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=7rt+cG90+J06yVm+oDq3vvysfpA=&t=/kmdj/js/util.string.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
f74dad533f65177fc4ac3d1382e9e9d465e5d7c5ff96a6999cf1d668590e3003

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:01 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:01 GMT
Cache-Control
public
Content-Length
2921
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=bRc/L51RQbXhJWs2p0QPfdDodQs=&t=/kmdj/js/MicroBlogFW.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
9d1e7cd507f100a1f1322846a870f5033fb847fcaf1fc5f4892f5ca573c34ee4

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:00 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:01 GMT
Cache-Control
public
Content-Length
920
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=y1uWJZqmH1yGRBIrhZa03KJRVzE=&t=/kmdj/js/jquery.ui.core.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
36fd029b3bafd141fb21f2c4fb4a832aa48f599e97dd83f9496422f9dd812658

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:00 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:01 GMT
Cache-Control
public
Content-Length
2016
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		47 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=oIBwxSo2cigVxkQ8AkkY2I0XicQ=&t=/kmdj/js/jquery.ui.datepicker.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
9bb36d1ec58f42e7a5359aa8a20bf228ee07ef0cfd2466682aa1e238f9627cc8

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:00 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:01 GMT
Cache-Control
public
Content-Length
12072
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=U6wzzlQE24rywAkJkRWqIn4YXTE=&t=/kmdj/Css/jquery-ui-1.8.16.custom.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
8957e2ee20b6aabb9a9350f35fc95f8f0f88cd29651d1ef9e0ac624db0476ca8

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:58 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:17:59 GMT
Cache-Control
public
Content-Length
1814
Content-Type
text/css
Js.axd
www.moneydj.com/kmdj/ 		344 B
388 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=v5m9X0GbOtx0LHPeOXQ9tRPNUnU=&t=/kmdj/js/Watermark.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
d6e530c426e1f8a9fcd59adaad82922ea478b41fd8e1f714ce316b4200247cc9

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:00 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:01 GMT
Cache-Control
public
Content-Length
193
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=vV5y3/G4qdLvh9RzyZHY0eaCgEw=&t=/kmdj/js/Tabs.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
232e47c1199ade628e6ab88540abca7c1789da3e79f1788b9a6a6448384df52d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:00 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:01 GMT
Cache-Control
public
Content-Length
983
Content-Type
text/javascript
Js.axd
www.moneydj.com/kmdj/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/Js.axd?k=e6fnz3Ja44/m+3jOe55yRL2XYHQ=&t=/kmdj/js/HotTabs.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
86261953c1068a5868e785e5ad1883d11387c122d573d16fc6ea4f39ae69ebd7

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:01 GMT
Content-Encoding
gzip
Expires
Thu, 28 Apr 2022 02:18:01 GMT
Cache-Control
public
Content-Length
2041
Content-Type
text/javascript
WebResource.axd
www.moneydj.com/KMDJ/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/KMDJ/WebResource.axd?d=UoTuX86ElZ_KcpR6Q4v2n_-Gq9Z5wZFc_uhSuIr5zgYMuTor1ijip8cCUoBb2Fm-iSGapDckmKlbsLphi97TW_Mlsh01&t=637347074880000000
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 21:24:48 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public
Content-Length
6007
Expires
Wed, 27 Apr 2022 20:40:35 GMT
plusone.js
apis.google.com/js/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0593a255a01933e26823747656a39bc1fc7188582e67ac5223eefa74f7c2c021
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ShYqZSrtUz8yt+yyejZulw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:17:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"4fc60c8cf782c16d4329b84dfda715b7"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-ShYqZSrtUz8yt+yyejZulw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Wed, 28 Apr 2021 02:17:58 GMT
Cookie set djchannel_White.css
www.moneydj.com/z/js/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/z/js/djchannel_White.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
b308975aadeba3f6ab3008fc1a6b6199b713ebccb5db1161693ed29a0b7b5f49

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:17:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Mar 2015 10:08:15 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Set-Cookie
USER=; path=/
Accept-Ranges
bytes
Content-Length
1132
Cookie set djchannel.js
www.moneydj.com/z/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/z/js/djchannel.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
4f352d28d3fe7b60091e674db1af430d3aa787e74671affdc2cdde1e7147458d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
djaid=1.5b42a904-aa43-461a-83ff-39d8d6f453f8.1619576278.1039206186.0.0.77693; memlog=9fb1900a-4884-4c9e-b720-9814f19ef582
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Mar 2018 07:09:32 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Set-Cookie
USER=; path=/
Accept-Ranges
bytes
Content-Length
2961
Cookie set Arrow_Down_Black.png
www.moneydj.com/images/ 		944 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/images/Arrow_Down_Black.png
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
6ebfc4a255941a51a405c59b3d532ae0afe9cdec2591374ac1ea80d553f5594b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:02 GMT
Cache-Control
max-age=604800
Last-Modified
Thu, 25 Apr 2013 03:41:24 GMT
Set-Cookie
djaid=1.f573f781-9e38-4d3f-9727-582b6eb9695b.0.1039206186.0.0.cf8e0; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:03 GMT; path=/
Accept-Ranges
bytes
Content-Length
944
Content-Type
image/png
Cookie set spacer.gif
www.moneydj.com/kmdj/images/ 		43 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/kmdj/images/spacer.gif
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:03 GMT
Cache-Control
max-age=604800
Last-Modified
Thu, 04 Jul 2019 08:49:57 GMT
Set-Cookie
djaid=1.f2bb890b-d77e-42d1-a236-e5678a270f79.1619576283.1039206186.0.0.66c60; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:03 GMT; path=/
Accept-Ranges
bytes
Content-Length
43
Content-Type
image/gif
Cookie set gBT_Search.gif
www.moneydj.com/kmdj/images/ 		531 B
889 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/kmdj/images/gBT_Search.gif
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
860406da40dabcde2a28290ae1bd4042efba6fa45e0f6e6c81c0424f8f872418

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:03 GMT
Cache-Control
max-age=604800
Last-Modified
Thu, 04 Jul 2019 08:49:57 GMT
Set-Cookie
djaid=1.ebbf57fc-5ed4-4302-8fee-c4687ef77559.1619576283.1039206186.0.0.011da; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:03 GMT; path=/
Accept-Ranges
bytes
Content-Length
531
Content-Type
image/gif
Cookie set jdMenu.js
www.moneydj.com/funddj/Menu/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/funddj/Menu/jdMenu.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
2c8b37d814f6f66fbd36a7e1e2aff7acf9c0275d024cde9c18e717c6d1ddecdd

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Apr 2011 10:03:16 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Set-Cookie
djaid=1.7c6997d3-edd1-48f1-a7bb-bb7ef8e3c81d.1619576281.1039206186.0.0.0bc7e; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:01 GMT; path=/ USER=; path=/
Accept-Ranges
bytes
Content-Length
638
Cookie set viewcount.js
www.moneydj.com/KMDJ/js/ 		634 B
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/KMDJ/js/viewcount.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
d8da4fc00e7d4ab411ce2d5d205f709cbd4935be6e8f50e897d45ff9e60de503

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jul 2019 08:49:57 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Set-Cookie
djaid=1.3e83762f-0dda-4e92-9c33-27b7d5e61055.1619576281.1039206186.0.0.d5823; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:01 GMT; path=/
Accept-Ranges
bytes
Content-Length
332
Collect.gif
www.moneydj.com/kmdj/Icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/kmdj/Icons/Collect.gif
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
fcbe14a8ddb57fc5916dcbce7a41954412ed2559c2696f9be3538b77e108c672

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; djaid=1.edeb6782-4d15-420a-94b9-9cf75df71ede.1619576283.1039206186.0.0.e6eb5
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:03 GMT
Cache-Control
max-age=604800
Last-Modified
Thu, 04 Jul 2019 08:49:57 GMT
Accept-Ranges
bytes
Content-Length
1033
Content-Type
image/gif
all.js
connect.facebook.net/zh_TW/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_TW/all.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a684d680866552f74f63031c8f57cbac5cc301140f2493e8c456d735eb4d0c16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ygDsKXgAviGtILb9YdiVqw==
cross-origin-resource-policy
cross-origin
expires
Wed, 28 Apr 2021 02:38:02 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1780
x-fb-rlafr
0
x-fb-debug
AHpBXbxqYZ1xK8BBzFQMgyL8X9tWgg0/uW3iG69JmRHU4DwBsJfN1WImdMWKhLUBbDebDkF+rjxF8dn9HDfJZQ==
x-fb-trip-id
512678718
x-fb-content-md5
312195b94d0f5b135fad230d85848fca
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 28 Apr 2021 02:18:02 GMT
x-frame-options
DENY
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"351081897448b6bc344640f88df8d6c3"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
Cookie set getTextAD.aspx
www.moneydj.com/ads/ 		19 B
403 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/ads/getTextAD.aspx?Type=ButtonTextA435&notable=1
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; djaid=1.aa70cf4b-0b6c-4c39-b496-f3b8424eb02e.1619576282.1039206186.0.0.bdf7d
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:01 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Set-Cookie
ASP.NET_SessionId=vluwxf45t0of1q45v325pjia; path=/; HttpOnly
Content-Length
136
Cache-Control
private
Content-Type
text/javascript; charset=big5
getTextAD.aspx
www.moneydj.com/ads/ 		19 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/ads/getTextAD.aspx?Type=ButtonTextA56&NoTable=1
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; djaid=1.aa70cf4b-0b6c-4c39-b496-f3b8424eb02e.1619576282.1039206186.0.0.bdf7d; ASP.NET_SessionId=vluwxf45t0of1q45v325pjia
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:02 GMT
Content-Encoding
gzip
Cache-Control
private
Content-Length
136
Vary
Accept-Encoding
Content-Type
text/javascript; charset=big5
getTextAD.aspx
www.moneydj.com/ads/ 		19 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/ads/getTextAD.aspx?Type=ButtonTextA436&NoTable=1
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; djaid=1.aa70cf4b-0b6c-4c39-b496-f3b8424eb02e.1619576282.1039206186.0.0.bdf7d; ASP.NET_SessionId=vluwxf45t0of1q45v325pjia
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:02 GMT
Content-Encoding
gzip
Cache-Control
private
Content-Length
136
Vary
Accept-Encoding
Content-Type
text/javascript; charset=big5
GetFormAd.aspx
www.moneydj.com/ad_form/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/ad_form/GetFormAd.aspx
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
f1c4b0c685e07c923b70f28bacce7a2aa9894beb4e96bbc373401bad66419495

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; djaid=1.aa70cf4b-0b6c-4c39-b496-f3b8424eb02e.1619576282.1039206186.0.0.bdf7d; ASP.NET_SessionId=vluwxf45t0of1q45v325pjia
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:02 GMT
Content-Encoding
gzip
Cache-Control
private
Content-Length
905
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cookie set ProjectList.js
www.moneydj.com/funddj/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/funddj/js/ProjectList.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
1d4f6e8496ceeb03a651b50e48e62aaec6074c8c9c4f4ff7a6cab2f728400e21

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; djaid=1.aa70cf4b-0b6c-4c39-b496-f3b8424eb02e.1619576282.1039206186.0.0.bdf7d; ASP.NET_SessionId=vluwxf45t0of1q45v325pjia
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Oct 2015 07:08:48 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Set-Cookie
USER=; path=/
Accept-Ranges
bytes
Content-Length
1368
Cookie set LogJS.axd
www.moneydj.com/InfoSvc/ 		523 B
907 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/InfoSvc/LogJS.axd?a=KM_A
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
bd0f711ce201428d041054d6e97c0c46b5f6d46959f018533c533648af8c507e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; djaid=1.aa70cf4b-0b6c-4c39-b496-f3b8424eb02e.1619576282.1039206186.0.0.bdf7d; ASP.NET_SessionId=vluwxf45t0of1q45v325pjia
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:18:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache
Set-Cookie
_Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; expires=Wed, 28-Apr-2021 03:18:03 GMT; path=/
Content-Length
577
Expires
-1
network.js
cdn.innity.net/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.innity.net/network.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-62.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d8d63c4af4bac69242b78473a8bf1ddf615cfeaa81c4dccdf042e53ec7250a59

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Mar 2018 07:39:17 GMT
Server
Apache
ETag
"285c-5676e96c35340-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3290
Expires
Thu, 29 Apr 2021 02:18:03 GMT
getTextAD.aspx
www.moneydj.com/ads/ 		276 B
497 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/ads/getTextAD.aspx?Type=ButtonTextA105
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
b1d4c3a337686c06292a38e20dcdbec4ba9fd2cb2f38c8c2ccf23227f074387f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; djaid=1.aa70cf4b-0b6c-4c39-b496-f3b8424eb02e.1619576282.1039206186.0.0.bdf7d; ASP.NET_SessionId=vluwxf45t0of1q45v325pjia
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:02 GMT
Content-Encoding
gzip
Cache-Control
private
Content-Length
304
Vary
Accept-Encoding
Content-Type
text/javascript; charset=big5
bt-news-search.gif
www.moneydj.com/kmdj/Images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/kmdj/Images/bt-news-search.gif
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
2e73791f77b96b34a35920a22df77abfa664441d46662dcb8a806e3a5822874d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; djaid=1.f0cb45f9-f56d-4c64-9f9b-953fdd5e48d9.1619576283.1039206186.0.0.023b4
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:03 GMT
Cache-Control
max-age=604800
Last-Modified
Thu, 04 Jul 2019 08:49:57 GMT
Accept-Ranges
bytes
Content-Length
2043
Content-Type
image/gif
Cookie set getTextAD.aspx
www.moneydj.com/ads/ 		19 B
403 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/ads/getTextAD.aspx?Type=ButtonTextA448&notable=1
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; djaid=1.ebbf57fc-5ed4-4302-8fee-c4687ef77559.1619576283.1039206186.0.0.011da
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Set-Cookie
ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; path=/; HttpOnly
Content-Length
136
Cache-Control
private
Content-Type
text/javascript; charset=big5
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
72c07f7143a03da5c551e7f27b38e6283adde0977d9627c49b1ac862372b6eb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"855 / 689 of 1000 / last-modified: 1619561335"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21058
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:03 GMT
jdMenu.css
www.moneydj.com/KMDJ/Css/ 		2 KB
1020 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/KMDJ/Css/jdMenu.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
ec4fb247cdece26f52a88d2ece2fad744bf82514515b807b87cc50138c28e0e0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; djaid=1.a94b8bab-07bf-4f9d-8dcd-cfba10ed9fcc.1619576283.1039206186.0.0.bf620
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jul 2019 08:49:57 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
773
Cookie set djchannel_All.css
www.moneydj.com/z/js/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/z/js/djchannel_All.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
ef3e9b463af56b1e81e56d5a7da0fe840b1ed804c2c6fc931c88f8bec7a72fcf

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; djaid=1.d576d9c0-bae3-40a2-b80c-0a0a1515150c.1619576283.1039206186.0.0.412bc
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Jul 2018 00:44:15 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Set-Cookie
USER=; path=/
Accept-Ranges
bytes
Content-Length
1526
pubads_impl_2021042201.js
securepubads.g.doubleclick.net/gpt/ 		301 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
f9f40e5aa6d80e385e5c15593748db7bfb50fd07cc45c8239a6fad053f63affe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 08:39:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108299
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:03 GMT
pb.bid
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ 		1 KB
541 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.bid?acid=WWj_mtMFDA-lv9C018WIYA&haid=Hhc9Br-U&hzids=HaIe9M--,HaI69M--,HaIi9M--
Requested by
Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=Hhc9Br-U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
9c975e6d48676798bdc22a92d89aaf3f0a98dc764fe66a7f43dda0dea3389c33

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:03 GMT
via
1.1 google
server
nginx/1.19.0
content-encoding
gzip
alt-svc
clear
content-type
text/html; charset=utf-8
Cookie set cookie.djjs
www.moneydj.com/z/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/z/js/cookie.djjs
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/z/js/djchannel.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
f96ff5c085cc5430ec69c67418f7fde356974d05a8216ea1bdf6cf5974eb169b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; djaid=1.f0cb45f9-f56d-4c64-9f9b-953fdd5e48d9.1619576283.1039206186.0.0.023b4; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:03 GMT
Content-Encoding
gzip
Last-Modified
Sat, 24 Apr 2021 12:28:02 GMT
DJ_Expired
<!--2021/05/01 08:00:00-->
Content-Type
text/javascript
Cache-Control
private
Set-Cookie
USER=; path=/
Content-Length
786
Expires
Wed, 28 Apr 2021 02:33:04 GMT
Cookie set chartall.1.2.1.js
www.moneydj.com/DJJSLib/CanvasChartSVC/1.2/ 		785 KB
195 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/DJJSLib/CanvasChartSVC/1.2/chartall.1.2.1.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=/Lp//nKsjm89aPVucSWFb27kSeo=&t=/kmdj/js/chart/chart_include.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
e61641df53d13dc883a7586f4a43b24545aef0c2d414ac7aaa90159605bc3413

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:01 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Apr 2014 06:30:37 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Set-Cookie
djaid=1.ae55ca2d-e080-46c6-9978-f4b188a3ed21.1619576281.1039206186.0.0.42f95; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:01 GMT; path=/ USER=; path=/
Accept-Ranges
bytes
Content-Length
198755
Cookie set MbChart.Config.1.2.1.js
www.moneydj.com/DJJSLib/CanvasChartSVC/1.2/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/DJJSLib/CanvasChartSVC/1.2/MbChart.Config.1.2.1.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=/Lp//nKsjm89aPVucSWFb27kSeo=&t=/kmdj/js/chart/chart_include.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
c8e74b60a68fe6dfaa44e5ec7924fc3852d42c8f12b4107da837a9ad5e99655d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Feb 2014 08:23:22 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Set-Cookie
djaid=1.772ad5ee-6bc9-4741-a601-4d47c3de9eee.1619576282.1039206186.0.0.4036d; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:02 GMT; path=/ USER=; path=/
Accept-Ranges
bytes
Content-Length
3262
Cookie set FundView.1.2.1.css
www.moneydj.com/DJJSLib/CanvasChartSVC/1.2/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/DJJSLib/CanvasChartSVC/1.2/FundView.1.2.1.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=/Lp//nKsjm89aPVucSWFb27kSeo=&t=/kmdj/js/chart/chart_include.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
5c53384eb57611a57a6136766a39fc6deb5da74db2bcc95629cea73f9d87abca

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Feb 2014 07:11:29 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Set-Cookie
djaid=1.485fbf13-06a4-4f23-bc2d-067f2c7e23de.1619576281.1039206186.0.0.70c1a; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:01 GMT; path=/ USER=; path=/
Accept-Ranges
bytes
Content-Length
3713
Cookie set MbChart.Config.1.2.1.js
www.moneydj.com/KMDJ/js/chart/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/KMDJ/js/chart/MbChart.Config.1.2.1.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=/Lp//nKsjm89aPVucSWFb27kSeo=&t=/kmdj/js/chart/chart_include.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
3940065d52f8b53136b319b9a420063253dcece16b6b6e7ea9367595ae655b54

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jul 2019 08:49:57 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Set-Cookie
djaid=1.0be4579d-b4da-4d84-a127-c492e2297f38.1619576282.1039206186.0.0.cacd3; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:02 GMT; path=/
Accept-Ranges
bytes
Content-Length
3250
Cookie set techCalc.min.js
www.moneydj.com/DJJSLib/CanvasChartSVC/plugin/techCalc/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/DJJSLib/CanvasChartSVC/plugin/techCalc/techCalc.min.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=/Lp//nKsjm89aPVucSWFb27kSeo=&t=/kmdj/js/chart/chart_include.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
2221258151c74d7b31ce133e4a84ffc81569f3282aec1137560de34a0f7b3881

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 Oct 2016 02:31:14 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Set-Cookie
djaid=1.7f817337-7acf-4879-b756-bec0970d46cc.1619576282.1039206186.0.0.65493; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:02 GMT; path=/ USER=; path=/
Accept-Ranges
bytes
Content-Length
5363
Cookie set CSD.js
www.moneydj.com/DJJSLib/CanvasChartSVC/plugin/CSD/1.1/ 		56 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/DJJSLib/CanvasChartSVC/plugin/CSD/1.1/CSD.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=/Lp//nKsjm89aPVucSWFb27kSeo=&t=/kmdj/js/chart/chart_include.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
22a3b24ffae61de035e980f880569ae085f732bde05715192e963bfae2be2c8a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Oct 2013 09:19:36 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Set-Cookie
djaid=1.17b9d1ce-2401-48ed-af2e-262cb5e79bd5.1619576282.1039206186.0.0.56576; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:02 GMT; path=/ USER=; path=/
Accept-Ranges
bytes
Content-Length
12206
Cookie set CSD.css
www.moneydj.com/DJJSLib/CanvasChartSVC/plugin/CSD/1.1/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/DJJSLib/CanvasChartSVC/plugin/CSD/1.1/CSD.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=/Lp//nKsjm89aPVucSWFb27kSeo=&t=/kmdj/js/chart/chart_include.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
52ca43c7ddac4c3c8d0a803f2bebceae02d3243b34fbcabc640906a4fa04ab19

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:01 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Oct 2013 09:53:25 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Set-Cookie
djaid=1.f2bdc967-e31b-4b3c-b6c7-c86ee56e8231.1619576281.1039206186.0.0.e1a01; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:01 GMT; path=/ USER=; path=/
Accept-Ranges
bytes
Content-Length
2738
Cookie set ListView.min.js
www.moneydj.com/DJJSLib/CanvasChartSVC/extend/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/DJJSLib/CanvasChartSVC/extend/ListView.min.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=/Lp//nKsjm89aPVucSWFb27kSeo=&t=/kmdj/js/chart/chart_include.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
2e27421fef03ae533242b5a35b3a198994db9dc580ed6c5a8977614eba50ee37

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 26 Mar 2013 06:47:20 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Set-Cookie
djaid=1.b897e179-3c7a-41c7-82f5-b0ef60c60054.1619576282.1039206186.0.0.24d13; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:02 GMT; path=/ USER=; path=/
Accept-Ranges
bytes
Content-Length
2134
Cookie set chartloadobj.js
www.moneydj.com/KMDJ/js/chart/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/KMDJ/js/chart/chartloadobj.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=/Lp//nKsjm89aPVucSWFb27kSeo=&t=/kmdj/js/chart/chart_include.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
66d1325c8c80043fe112b0b8006a599e2d318a9f8088ef92863cd6d7bec92e2d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jul 2019 08:49:57 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Set-Cookie
djaid=1.49878c4a-fafe-41d9-8275-3b27714da74a.1619576282.1039206186.0.0.0b488; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:02 GMT; path=/
Accept-Ranges
bytes
Content-Length
3210
Cookie set chartload.js
www.moneydj.com/KMDJ/js/chart/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/KMDJ/js/chart/chartload.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=/Lp//nKsjm89aPVucSWFb27kSeo=&t=/kmdj/js/chart/chart_include.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
54b85078e8213f91293b00f73111d5446826454d1d755339086be35238c019b6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jul 2019 08:49:57 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Set-Cookie
djaid=1.aa70cf4b-0b6c-4c39-b496-f3b8424eb02e.1619576282.1039206186.0.0.bdf7d; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:02 GMT; path=/
Accept-Ranges
bytes
Content-Length
2087
gtm.js
www.googletagmanager.com/ 		181 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-XBJJ
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c01da61acefa343d431689e081cef8259f86e1f355fa85f68b2bfee5d6ebdb96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47776
x-xss-protection
0
last-modified
Wed, 28 Apr 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Apr 2021 02:18:03 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/ 		142 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b4f01e3784c081814429943d9a1cafcaa556bae64e786806e2e757be1fbb013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 20:47:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Apr 2021 17:31:34 GMT
server
sffe
age
19856
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50899
x-xss-protection
0
expires
Wed, 27 Apr 2022 20:47:07 GMT
Cookie set banner.gif
www.moneydj.com/kmdj/App_Themes/Gold/KKImages/ 		382 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/kmdj/App_Themes/Gold/KKImages/banner.gif
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
2718d43e3dd253a6a4a2997e5f4ee6b3eb8bcd4581453ac3a70b2858f6af2b25

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:02 GMT
Cache-Control
max-age=604800
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Set-Cookie
djaid=1.85b7b03e-812b-4052-948c-5bf2dc8e32b5.1619576283.1039206186.0.0.2ba5a; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:03 GMT; path=/
Accept-Ranges
bytes
Content-Length
382
Content-Type
image/gif
Cookie set Logo-Wiki-200x115.gif
www.moneydj.com/kmdj/App_Themes/Gold/KKImages/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/kmdj/App_Themes/Gold/KKImages/Logo-Wiki-200x115.gif
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
056ae0c995e2cb4118407bff91ed2a1365bd563f52b8806ae70ce8d4ce1e7971

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:02 GMT
Cache-Control
max-age=604800
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Set-Cookie
djaid=1.97742a3e-a55b-424b-8a47-6bb3a0b508f0.1619576283.1039206186.0.0.f04e3; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:03 GMT; path=/
Accept-Ranges
bytes
Content-Length
7868
Content-Type
image/gif
Cookie set logo-wiki-news200x115.gif
www.moneydj.com/kmdj/App_Themes/Gold/KKImages/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/kmdj/App_Themes/Gold/KKImages/logo-wiki-news200x115.gif
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
f36851f555778bcca0fee94e6b673d99431ec704b0bcb1526cda4e38037f4464

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:02 GMT
Cache-Control
max-age=604800
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Set-Cookie
djaid=1.c4efb6d5-cd91-4ab3-91b5-de6bcb6be2aa.1619576283.1039206186.0.0.0b6d7; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:03 GMT; path=/
Accept-Ranges
bytes
Content-Length
7239
Content-Type
image/gif
Cookie set top-menuBG.jpg
www.moneydj.com/kmdj/App_Themes/Gold/KKImages/ 		604 B
963 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/kmdj/App_Themes/Gold/KKImages/top-menuBG.jpg
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
106c04904b570c07db36ece67fd06343462f684f7335ba4079b11a1d7238adcf

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:02 GMT
Cache-Control
max-age=604800
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Set-Cookie
djaid=1.67aa3626-580f-4501-97d2-923df3b55244.1619576283.1039206186.0.0.a3bda; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:03 GMT; path=/
Accept-Ranges
bytes
Content-Length
604
Content-Type
image/jpeg
Cookie set search-bg.gif
www.moneydj.com/kmdj/App_Themes/Gold/KKImages/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/kmdj/App_Themes/Gold/KKImages/search-bg.gif
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
d078224b4409d3443f851562e6707e68e258f7c32159f7c3e917eaf8e9e87bac

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:02 GMT
Cache-Control
max-age=604800
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Set-Cookie
djaid=1.f212dda5-895a-4a02-88b6-73ada092263e.1619576283.1039206186.0.0.981c8; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:03 GMT; path=/
Accept-Ranges
bytes
Content-Length
1653
Content-Type
image/gif
Cookie set jquery.bgiframe.js
www.moneydj.com/funddj/Menu/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/funddj/Menu/jquery.bgiframe.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/funddj/Menu/jdMenu.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
79a002b68c2f4e69aad0de6feb75b5cddaf84924b336954e782c68cd5cea0130

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:02 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Jan 2009 07:57:22 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Set-Cookie
djaid=1.a94b8bab-07bf-4f9d-8dcd-cfba10ed9fcc.1619576283.1039206186.0.0.bf620; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:03 GMT; path=/
Accept-Ranges
bytes
Content-Length
1796
Cookie set jquery.dimensions.js
www.moneydj.com/funddj/Menu/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/funddj/Menu/jquery.dimensions.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/funddj/Menu/jdMenu.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
0282e0f6178e8571e579219591a7da1e44e728b89cbbc636cc076381cbf9e806

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Jan 2009 09:42:04 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Set-Cookie
djaid=1.d576d9c0-bae3-40a2-b80c-0a0a1515150c.1619576283.1039206186.0.0.412bc; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:03 GMT; path=/
Accept-Ranges
bytes
Content-Length
1290
Cookie set jquery.positionBy.js
www.moneydj.com/funddj/Menu/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/funddj/Menu/jquery.positionBy.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/funddj/Menu/jdMenu.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
f55dc50f6554bf0cc63a933da57b95bdf8468ed4f91667cf67554c3652c9c47d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Jan 2009 07:34:26 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Set-Cookie
djaid=1.edeb6782-4d15-420a-94b9-9cf75df71ede.1619576283.1039206186.0.0.e6eb5; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:03 GMT; path=/
Accept-Ranges
bytes
Content-Length
2890
Cookie set jquery.jdMenu.js
www.moneydj.com/funddj/Menu/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/funddj/Menu/jquery.jdMenu.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/funddj/Menu/jdMenu.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
dc69cbb04dd6ae64f63a71acdf08c28fc15eaec9204e4b09aec68812572e0707

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 May 2015 04:29:34 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Set-Cookie
djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:03 GMT; path=/
Accept-Ranges
bytes
Content-Length
1722
Cookie set jquery.jdMenu.css
www.moneydj.com/funddj/Menu/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/funddj/Menu/jquery.jdMenu.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/funddj/Menu/jdMenu.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
e55db04564069cf9e13c156b85c783ba19ead2ec7614592bbf72c1694ece07d9

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Apr 2011 10:03:16 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Set-Cookie
djaid=1.c566f867-473c-4a2d-bf06-77f2c4f65eb7.1619576283.1039206186.0.0.1ca52; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:03 GMT; path=/
Accept-Ranges
bytes
Content-Length
667
Cookie set jdMenuGen.js
www.moneydj.com/funddj/Menu/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/funddj/Menu/jdMenuGen.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/funddj/Menu/jdMenu.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
8536b5e98da7156d3c79f37ff3cd76d7f793e63b1f8675253643fb78a0056c5f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:02 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 Mar 2015 06:45:23 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Set-Cookie
djaid=1.f0cb45f9-f56d-4c64-9f9b-953fdd5e48d9.1619576283.1039206186.0.0.023b4; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:03 GMT; path=/
Accept-Ranges
bytes
Content-Length
2023
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XBJJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
2250
date
Wed, 28 Apr 2021 01:40:33 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 28 Apr 2021 03:40:33 GMT
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-63.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
29437
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 a6f1f6a7cb5a93f6f494d1d5945d867c.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
MAD50-C1
X-Amz-Cf-Id
8S5782fsYDgL8PE8OR_PWnpBz0tqf_s4zvUjNOcLLq5yDKwUHhs8NA==
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:08:43 GMT
content-encoding
gzip
age
560
x-guploader-uploadid
ABg5-Ux7vjRB7AZfX5ciMgt2mQVjKKoCYDIlYNmC41dETqVep8HgAz3vFS3AHwcEKiAc_upY1dUnSRcHMtQ86Ru4a9cKCfDXtA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
25572
last-modified
Thu, 28 Jan 2021 18:21:54 GMT
server
UploadServer
etag
"765779983eed1c9fc2821b4507eea08b"
vary
Accept-Encoding
x-goog-hash
crc32c=kP//+g==, md5=dld5mD7tHJ/CghtFB+6giw==
x-goog-generation
1611858114590219
access-control-allow-origin
*
cache-control
public,max-age=600
x-goog-stored-content-length
25572
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 28 Apr 2021 02:18:43 GMT
Cookie set NewsAD.css
www.moneydj.com/funddj/ad/ad_news/ 		420 B
745 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/funddj/ad/ad_news/NewsAD.css
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XBJJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
e00b504aa169ae611abc550b7f609a2be2d0427d8d3029e0c27a94f33fc6874b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Feb 2017 08:06:17 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Set-Cookie
djaid=1.bdc41165-3bb9-456a-a737-4268f29c6079.1619576283.1039206186.0.0.8974d; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:03 GMT; path=/
Accept-Ranges
bytes
Content-Length
341
Cookie set NewsAD.js
www.moneydj.com/funddj/ad/ad_news/ 		822 B
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/funddj/ad/ad_news/NewsAD.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XBJJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
b86a1909d262f05aff9803d767f9bb9832b1ecb64de5be51dd83f6f4bb492092

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Feb 2017 08:04:32 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Set-Cookie
USER=; path=/
Accept-Ranges
bytes
Content-Length
531
fbevents.js
connect.facebook.net/en_US/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23961
x-fb-rlafr
0
pragma
public
x-fb-debug
a/uqFXfm9z+V6dd6s3nCKQmvMBM2qS0sQKbHmT4V+S0WQXauM03O77SlJM5YRXKAfLj7/SjtPTa4IBtb2WD9wQ==
x-fb-trip-id
512678718
x-frame-options
DENY
date
Wed, 28 Apr 2021 02:18:03 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=33501131&ns__t=1619576283350&ns_c=UTF-8&c8=%E6%96%B0%E5%8A%A0%E5%9D%A1%E8%88%87%E6%9F%90%E4%BA%9B%E5%9C%8B%E5%AE%B6%E5%90%88%E4%BD%9C%E5%BB%BA%E7%AB%8B%E5...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=33501131&ns__t=1619576283350&ns_c=UTF-8&c8=%E6%96%B0%E5%8A%A0%E5%9D%A1%E8%88%87%E6%9F%90%E4%BA%9B%E5%9C%8B%E5%AE%B6%E5%90%88%E4%BD%9C%E5%BB%BA%E7%AB%8B%E...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=33501131&ns__t=1619576283350&ns_c=UTF-8&c8=%E6%96%B0%E5%8A%A0%E5%9D%A1%E8%88%87%E6%9F%90%E4%BA%9B%E5%9C%8B%E5%AE%B6%E5%90%88%E4%BD%9C%E5%BB%BA%E7%AB%8B%E5%8F%AF%E9%80%A3%E6%8E%A5%E9%9B%BB%E5%AD%90%E4%BB%98%E6%AC%BE%E7%B3%BB%E7%B5%B1%EF%BC%8C%E4%B8%A6%E6%8E%A2%E8%A8%8E%E6%9C%AA%E4%BE%86%E5%BB%BA%E7%AB%8B%E5%A4%9A%E9%82%8A%E8%B7%A8%E5%A2%83%E4%BB%98%E6%AC%BE%E7%B3%BB%E7%B5%B1%20-%20%E6%96%B0%E8%81%9E%20-%20%E8%B2%A1%E7%B6%93%E7%9F%A5%E8%AD%98%E5%BA%AB%20-%20MoneyDJ%E7%90%86%E8%B2%A1%E7%B6%B2&c7=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&c9=
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-52.mad50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:03 GMT
via
1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
b39VrhH0HNCWzuT4CXmLqNogWD89cqJMZoiXHKQ5Y5vMD6p0_GJJ8Q==

Redirect headers

date
Wed, 28 Apr 2021 02:18:03 GMT
via
1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=33501131&ns__t=1619576283350&ns_c=UTF-8&c8=%E6%96%B0%E5%8A%A0%E5%9D%A1%E8%88%87%E6%9F%90%E4%BA%9B%E5%9C%8B%E5%AE%B6%E5%90%88%E4%BD%9C%E5%BB%BA%E7%AB%8B%E5%8F%AF%E9%80%A3%E6%8E%A5%E9%9B%BB%E5%AD%90%E4%BB%98%E6%AC%BE%E7%B3%BB%E7%B5%B1%EF%BC%8C%E4%B8%A6%E6%8E%A2%E8%A8%8E%E6%9C%AA%E4%BE%86%E5%BB%BA%E7%AB%8B%E5%A4%9A%E9%82%8A%E8%B7%A8%E5%A2%83%E4%BB%98%E6%AC%BE%E7%B3%BB%E7%B5%B1%20-%20%E6%96%B0%E8%81%9E%20-%20%E8%B2%A1%E7%B6%93%E7%9F%A5%E8%AD%98%E5%BA%AB%20-%20MoneyDJ%E7%90%86%E8%B2%A1%E7%B6%B2&c7=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&c9=
content-length
672
x-amz-cf-id
2tV7B05sD3G7TmjXuaKX1niflt5B9btb8cEU2W5UhFZcPOSHflqxBg==
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.moneydj.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.moneydj.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2016457015839363&correlator=496070983015074&output=ldjh&impl=fifs&eid=31060790%2C31060320&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=126805407%2Cmoneydj_news_content_160600_1%2Cmoneydj_AllChannel_72890_1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=160x600%2C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1619576283&dt=1619576283407&dlt=1619576278653&idt=4717&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C514&adys=-9%2C52&adks=492727391%2C324619989&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C728x90&msz=0x-1%7C728x-1&ga_vid=2084249410.1619576283&ga_sid=1619576283&ga_hid=2053972232&ga_fc=false&fws=2%2C0&ohw=0%2C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
5a56c4a33c24512acb74fc34ace69542adda68d36eef84c9c6b0a465ad9cde10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9800
x-xss-protection
0
google-lineitem-id
5375506317,4407064514
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138322159628,138346631287
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.moneydj.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=2053972232&t=pageview&_s=1&dl=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ul=en-us&de=UTF-8&dt=%E6%96%B0%E5%8A%A0%E5%9D%A1%E8%88%87%E6%9F%90%E4%BA%9B%E5%9C%8B%E5%AE%B6%E5%90%88%E4%BD%9C%E5%BB%BA%E7%AB%8B%E5%8F%AF%E9%80%A3%E6%8E%A5%E9%9B%BB%E5%AD%90%E4%BB%98%E6%AC%BE%E7%B3%BB%E7%B5%B1%EF%BC%8C%E4%B8%A6%E6%8E%A2%E8%A8%8E%E6%9C%AA%E4%BE%86%E5%BB%BA%E7%AB%8B%E5%A4%9A%E9%82%8A%E8%B7%A8%E5%A2%83%E4%BB%98%E6%AC%BE%E7%B3%BB%E7%B5%B1%20-%20%E6%96%B0%E8%81%9E%20-%20%E8%B2%A1%E7%B6%93%E7%9F%A5%E8%AD%98%E5%BA%AB%20-%20MoneyDJ%E7%90%86%E8%B2%A1%E7%B6%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1950763636&gjid=1063333188&cid=2084249410.1619576283&tid=UA-8400411-3&_gid=1695806535.1619576283&_r=1&gtm=2wg4e1XBJJ&z=1186543430
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.moneydj.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-8400411-3&cid=2084249410.1619576283&jid=1950763636&gjid=1063333188&_gid=1695806535.1619576283&_u=YAhAAEAAAAAAAC~&z=230593933
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 28 Apr 2021 02:18:03 GMT
content-type
text/plain
access-control-allow-origin
https://www.moneydj.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
2550982111798094
connect.facebook.net/signals/config/ 		254 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2550982111798094?v=2.9.39&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
34d4193e1e0e261b311e3f5325d1a9b6718146b0ec1d709827d220803d165c8b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
74144
x-fb-rlafr
0
pragma
public
x-fb-debug
VnYyVERngJnDtqcvtET5uEJPmOl3PIkQMS08ImLdqCbQRCi1stBf0awdaSeBYOW0AUaCaAdHN6xFY9rohBSSLw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
date
Wed, 28 Apr 2021 02:18:03 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-8400411-3&cid=2084249410.1619576283&jid=1950763636&_u=YAhAAEAAAAAAAC~&z=1675347617
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-8400411-3&cid=2084249410.1619576283&jid=1950763636&_u=YAhAAEAAAAAAAC~&z=1675347617
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=%E6%96%B0%E5%8A%A0%E5%9D%A1%E8%88%87%E6%9F%90%E4%BA%9B%E5%9C%8B%E5%AE%B6%E5%90%88%E4%BD%9C%E5%BB%BA%E7%AB%8B%E5%8F%AF%E9%80%A3%E6%8E%A5%E9%9B%BB%E5%AD%90%E4%BB%98%E6%AC%BE%E7%B3%BB%E7%B5%B1%EF%BC%8C%E4%B8%A6%E6%8E%A2%E8%A8%8E%E6%9C%AA%E4%BE%86%E5%BB%BA%E7%AB%8B%E5%A4%9A%E9%82%8A%E8%B7%A8%E5%A2%83%E4%BB%98%E6%AC%BE%E7%B3%BB%E7%B5%B1%20-%20%E6%96%B0%E8%81%9E%20-%20%E8%B2%A1%E7%B6%93%E7%9F%A5%E8%AD%98%E5%BA%AB%20-%20MoneyDJ%E7%90%86%E8%B2%A1%E7%B6%B2&time=1619576283580&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&random_number=18606210116&sess_cookie=f19cc8d81791644e1baca92ab23&sess_cookie_flag=1&user_cookie=f19cc8d81791644e1baca92ab23&user_cookie_flag=1&dynamic=true&domain=moneydj.com&account=2V1dn1a4KM107i&jsv=20130128&user_lang=en-US
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-29.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:03:29 GMT
Via
1.1 6e828213221a8cbea0c54b35955f0008.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
874
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
MAD50-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
7-oWDuPslmkmRVSF15xLnP0ok1yvIQL3iadLA7T1Xe9N0cRTNl5r6g==
test.png
a99382509d01641f1416d73d5c31b2dcf.profile.nrt51-c3.cloudfront.net/
Redirect Chain
  • https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
  • https://a99382509d01641f1416d73d5c31b2dcf.profile.nrt51-c3.cloudfront.net/test.png
58 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a99382509d01641f1416d73d5c31b2dcf.profile.nrt51-c3.cloudfront.net/test.png
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.148.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-148-191.nrt51.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:04 GMT
Via
1.1 eae246afe964f7c3bcdcd6a113b3570f.cloudfront.net (CloudFront)
Server
CloudFront
X-Cache
RoutingProfileExp from cloudfront
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
58
X-Amz-Cf-Id
VSkOnQHUyMB_Q0XsGfz_9HE-6hsDx6iFHmNiQa611aMJ-uyTJt35Yw==
Expires
Wed, 28 Apr 2021 02:18:04 GMT

Redirect headers

location
https://a99382509d01641f1416d73d5c31b2dcf.profile.nrt51-c3.cloudfront.net/test.png
date
Wed, 28 Apr 2021 02:18:04 GMT
server
Server
access-control-allow-origin
*
content-length
0
/
www.facebook.com/tr/ 		44 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2550982111798094&ev=PageView&dl=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&rl=&if=false&ts=1619576283642&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1619576283641.1211707188&it=1619576283498&coo=false&rqm=GET
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 28 Apr 2021 02:18:03 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6900 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDgUDpqz0HGMb9asqEEiK_ry2-ZMPVswPhE0lfWXBJNd5wRRhhPM2q0-VB_zF408RVUc8jLvz-8lC8ih5LqTveivyzqW2Qoo6GoLn1hofbpQi2s78z9UbNAgrSaof6tWb0ioiFy1rtoKNBfzpRf7Vafv5tnwBOc4rnyZOcinGuwm_nlmsOfYVOp9dR7ejbfCFJQPMaemmb9R_IsA_Avb8CsBK5poTnyRRbtXd-g6_fg6hBQLwV-CJS-fxS1WBmtKDzdxGLQuVJtI32kCbUmHsH1vGCbHtVoqghw2QJodsy6SLbnx7lGQXvLQRAKA&sai=AMfl-YRHUsoPax0P33RMi6-gko58hF3QXg8xxNEa2wacciBubTwlgRb6lP_DxtG2UW2JnJqXM9hZjsnffWpLoX2YKePxNWq_XF6YfZCvrd6fIfpeLJilRPhsDJgZVufBZ_o&sig=Cg0ArKJSzE-QJLAZqPlkEAE&adurl=
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 02:18:03 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 6900 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 01:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1759
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 01:48:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6900 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:03 GMT
l
www.google.com/ads/measurement/ Frame 6900 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQV1FpaQBPgrTpZ861bT3UY4-6dQhc8EEXoV22zYTcCG7yr7JF0ojCgB_jK0pqBbyv09X6u
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
6078408191886295163
tpc.googlesyndication.com/simgad/ Frame 6900 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6078408191886295163
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96d9f76c12ede08214c22b293ae754d9b2978d8eccdbb1c9cead9aba408cddca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:00:44 GMT
x-content-type-options
nosniff
age
141439
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80004
x-xss-protection
0
last-modified
Tue, 13 Apr 2021 10:01:49 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Apr 2022 11:00:44 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188783439141"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28201
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:03 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6900 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvb2TZHJ0n_A1MOkbr6JW4U7fwrWEZIUWpPvby_nh4n9uG26n25itEekpBpdzRXoKeJMY3XDm44VqP-siGV8mTgaTXZPjU_eR9Kz6Zpp7U2oa3BV1gJ0QzOxE7XD9grkdCDZVWwEo-0rHfiiZ0TFwcJO9eB8YVIAi2CfGkfvfoal4p0jMwXqf_ecGSQAcrjd1JalyB4a7zkAFgOsqVYXNUJ3Y8wTRFdZzgslhIKUJnEeiq4oLlLAX1EMXTKeJcU0T4bl-Vc-G2A-nI7jH1hmZmg-prXS0mpCkusldWcrDHeJiqFAqZqpZk56LbDyEwK&sai=AMfl-YSjERdlqYEcO9OvVk-FKmqVIrK4MvNHcihAw1WhUWv5J5LBGI0pZzYehwSnQ3YiUOXl2GAQq8w0eV0pSeUKFd9UTkGwQLr5MG_4DksHdaauUDf4C6HeFCZqyLGy628&sig=Cg0ArKJSzAUubfkgbx0yEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 02:18:03 GMT
truncated
/ Frame 6900 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ca5033e09803bdb9768d4a6c5f823652049ea81c2819e512241364e3e25af02

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
www.facebook.com/tr/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryjrNAJz6TBNMfPD6a

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Wed, 28 Apr 2021 02:18:04 GMT
content-type
text/plain
access-control-allow-origin
https://www.moneydj.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
HeadLineNews.axd
www.moneydj.com/KMDJ/ 		50 KB
50 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/KMDJ/HeadLineNews.axd?a=1
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
f9e35c5d0e1de76846d607627d91fec24cb86f391aaa4d332ebe23b549c26c8e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Accept
*/*
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:03 GMT
Cache-Control
public, max-age=86400
Content-Length
51103
Content-Type
application/json; charset=utf-8
HeadLineNews.axd
www.moneydj.com/KMDJ/ 		50 KB
50 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/KMDJ/HeadLineNews.axd
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
f9e35c5d0e1de76846d607627d91fec24cb86f391aaa4d332ebe23b549c26c8e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Accept
*/*
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:03 GMT
Cache-Control
public
Content-Length
51103
Content-Type
application/json; charset=utf-8
GetADPage.aspx
www.moneydj.com/KMDJ/ad/ Frame C782 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
62adbcad511e77b1195ebf117b4dec4bc5c9f32ea5890c95b8923e05b97d2dd8

Request headers

Host
www.moneydj.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128

Response headers

Cache-Control
private
Content-Type
text/html; charset=big5
Content-Encoding
gzip
Vary
Accept-Encoding
Date
Wed, 28 Apr 2021 02:18:03 GMT
Content-Length
1482
8a977847-970b-48b2-b188-fbf10b1b2128
www.moneydj.com/KMDJ/REST/Article.svc/VC/NS/ 		54 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/KMDJ/REST/Article.svc/VC/NS/8a977847-970b-48b2-b188-fbf10b1b2128
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
a331001d01439e3d0261be02f7d1efc7877e4405f4a8d88540c061d387743287

Request headers

Sec-Fetch-Mode
cors
Origin
https://www.moneydj.com
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Content-Length
0
Pragma
no-cache
Host
www.moneydj.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
*/*
Cache-Control
no-cache
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Sec-Fetch-Site
same-origin
Accept
*/*
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 28 Apr 2021 02:18:03 GMT
Cache-Control
private
Content-Length
54
Content-Type
application/json; charset=utf-8
getTextAD.aspx
www.moneydj.com/ads/ 		19 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/ads/getTextAD.aspx?Type=ButtonTextA288&notable=1
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:04 GMT
Content-Encoding
gzip
Cache-Control
private
Content-Length
136
Vary
Accept-Encoding
Content-Type
text/javascript; charset=big5
AutoComplete.css
www.moneydj.com/KMDJ/App_Themes/Gold/ Frame C782 		759 B
643 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/KMDJ/App_Themes/Gold/AutoComplete.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
bf863f2e32ddbb22f724ba98db0e898773e13b9ae6fefc8e185c6049b86e1e71

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
396
blocks.css
www.moneydj.com/KMDJ/App_Themes/Gold/ Frame C782 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/KMDJ/App_Themes/Gold/blocks.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
9139cc5cfdbdc0aaddafbf5e325198286e32661a8788da905ea377a3f41bb621

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Aug 2019 08:33:07 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
1335
dhtmlwindow.css
www.moneydj.com/KMDJ/App_Themes/Gold/ Frame C782 		1023 B
703 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/KMDJ/App_Themes/Gold/dhtmlwindow.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
2b87c3a88a9e0434eecab706237d91f41359b555a4f8d48624f3664ce7923b2d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
456
editform.css
www.moneydj.com/KMDJ/App_Themes/Gold/ Frame C782 		1 KB
734 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/KMDJ/App_Themes/Gold/editform.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
0bbe6c00bc9231cc9c2b0709c753f0b10df1a976b8b96e819c84dfdaf734d659

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
487
FileUploader.css
www.moneydj.com/KMDJ/App_Themes/Gold/ Frame C782 		2 KB
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/KMDJ/App_Themes/Gold/FileUploader.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
b014f174a464163b111888cd2f6b6778d2f02046bc5bc54db7dbba87e6db1b7f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
622
modal.css
www.moneydj.com/KMDJ/App_Themes/Gold/ Frame C782 		416 B
676 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/KMDJ/App_Themes/Gold/modal.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
8b0fac12f6bbb9ca9347f6ae2b57877decace3c9a4502a4366cd344381c443ca

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
429
NewDetault.css
www.moneydj.com/KMDJ/App_Themes/Gold/ Frame C782 		60 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/KMDJ/App_Themes/Gold/NewDetault.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
7fcd4f15c4140d7415b9fe3a9d82595a7ead612ad6b92b9b240b1678e1b02090

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Mar 2021 08:59:03 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
13282
paging.css
www.moneydj.com/KMDJ/App_Themes/Gold/ Frame C782 		2 KB
745 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/KMDJ/App_Themes/Gold/paging.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
ff8595413cb6b638ef484a7e048468e78df087088a9b6c111d6e527b5c5d8587

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
498
RadMenu.css
www.moneydj.com/KMDJ/App_Themes/Gold/ Frame C782 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/KMDJ/App_Themes/Gold/RadMenu.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
e51c94a436ad04dbd2f2295c65c1c138404500bd4408e290bcba7409a0fb9218

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
789
TableLayoutCss.css
www.moneydj.com/KMDJ/App_Themes/Gold/ Frame C782 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/KMDJ/App_Themes/Gold/TableLayoutCss.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
ab5a12172c767b9102da6612a1e9220a55a008c30d463ebbda2d9880cb775ca4

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
1201
treeview.css
www.moneydj.com/KMDJ/App_Themes/Gold/ Frame C782 		2 KB
668 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/KMDJ/App_Themes/Gold/treeview.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
a04ff2c6ab7ad41629063483eb23a5edad226bc9529668faecfb162d63bfcb9f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
421
Window.css
www.moneydj.com/KMDJ/App_Themes/Gold/ Frame C782 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/KMDJ/App_Themes/Gold/Window.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
915852e0927e016c97825306f47b4e7cc7450fb87de9ae737ed10bdfa63b00bd

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
1104
WebResource.axd
www.moneydj.com/KMDJ/ Frame C782 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/KMDJ/WebResource.axd?d=UoTuX86ElZ_KcpR6Q4v2n_-Gq9Z5wZFc_uhSuIr5zgYMuTor1ijip8cCUoBb2Fm-iSGapDckmKlbsLphi97TW_Mlsh01&t=637347074880000000
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 21:24:48 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public
Content-Length
6007
Expires
Wed, 27 Apr 2022 20:37:30 GMT
Cookie set cookie.js
www.moneydj.com/z/js/ Frame C782 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/z/js/cookie.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
0ce8d906856c74a79a728b8d352992c6eb0e39764d3b683036f1f91c9d3455de

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Nov 2003 08:29:00 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Set-Cookie
USER=; path=/
Accept-Ranges
bytes
Content-Length
1061
getTextAD.aspx
www.moneydj.com/AdS/ Frame C782 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/AdS/getTextAD.aspx?Type=ButtonTextA104&NoTable=
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
da31a657f332dbdea00bad7b7b791e6507a32140cd22e1bf697ebd4840bb4292

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/KMDJ/ad/GetADPage.aspx?Type=ButtonTextA104&color=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:04 GMT
Content-Encoding
gzip
Cache-Control
private
Content-Length
850
Vary
Accept-Encoding
Content-Type
text/javascript; charset=big5
Cookie set Arrow_Down.gif
www.moneydj.com/funddj/images/ 		51 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/funddj/images/Arrow_Down.gif
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
6e31dd0b786fd91dc338ad47d525a36b9fddc0bedf7fe2245b9ac16aa76c9b5a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:04 GMT
Cache-Control
max-age=604800
Last-Modified
Mon, 11 Jan 2010 11:40:29 GMT
Set-Cookie
USER=; path=/
Accept-Ranges
bytes
Content-Length
51
Content-Type
image/gif
Cookie set Arrow_Right.gif
www.moneydj.com/funddj/images/ 		51 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/funddj/images/Arrow_Right.gif
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
f21a824d68a45b591aa88d898736127554a74ac5edef82a6e403e737c8a3e77e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:04 GMT
Cache-Control
max-age=604800
Last-Modified
Mon, 11 Jan 2010 11:40:51 GMT
Set-Cookie
USER=; path=/
Accept-Ranges
bytes
Content-Length
51
Content-Type
image/gif
Cookie set MenuBG_980x28.jpg
www.moneydj.com/funddj/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/funddj/images/MenuBG_980x28.jpg
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/funddj/Menu/jquery.jdMenu.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
267d3023a0ce2ebe1c367a12b5507e4c1ab237d995895204203bb50b274b762e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/funddj/Menu/jquery.jdMenu.css
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/funddj/Menu/jquery.jdMenu.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:04 GMT
Cache-Control
max-age=604800
Last-Modified
Thu, 04 Aug 2016 03:37:42 GMT
Set-Cookie
USER=; path=/
Accept-Ranges
bytes
Content-Length
2429
Content-Type
image/jpeg
top-submenuBG.jpg
www.moneydj.com/kmdj/App_Themes/Gold/KKImages/ 		553 B
755 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/kmdj/App_Themes/Gold/KKImages/top-submenuBG.jpg
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
0e8498b114af094c83453b48310a479f069c13ad7381e6944580a2f1da474f89

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:04 GMT
Cache-Control
max-age=604800
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Accept-Ranges
bytes
Content-Length
553
Content-Type
image/jpeg
getpublickey.aspx
www.moneydj.com/usr/ 		331 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/usr/getpublickey.aspx?type=1&format=1
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
68ba33e806390a8790df5bc803931920314aafe3493f90765424fb2e7c2c5a9c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
application/json, text/javascript, */*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Accept
application/json, text/javascript, */*
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:04 GMT
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
Content-Type
application/json; charset=big5
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Cache-Control
private
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, origin, content-type, accept
container.html
42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B120 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.moneydj.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.moneydj.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 28 Apr 2021 02:18:03 GMT
expires
Thu, 28 Apr 2022 02:18:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
all.js
connect.facebook.net/zh_TW/ 		212 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_TW/all.js?hash=0a08815deb7eddb0cd86773d25850d2e&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/all.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
86fc9ce43114d056a4d885a89623c7a1d163bedc94f35260d8abecf94ab516f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.moneydj.com
Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Cs3tl82o4uiMr+tBYfjKBw==
cross-origin-resource-policy
cross-origin
expires
Thu, 28 Apr 2022 01:08:51 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
64090
x-fb-rlafr
0
x-fb-debug
fLpyMVqSj1KJBXpn1/gkuj0Y7IiRuBjGqU7TGU3+vqW9nGygj1CnmkRHedKiT6yTon6FsMCi5pGliBPgjzGRmg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
77cf9b8276e941aeb1c9225e5da03f74
date
Wed, 28 Apr 2021 02:18:04 GMT
x-frame-options
DENY
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"3aaf0198d3c80aec194f89c2c8c18626"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
Path-Arrow.gif
www.moneydj.com/kmdj/Images/ 		53 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/kmdj/Images/Path-Arrow.gif
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
a3e992b28060b1a3fdb2c53d8ad146f5e557fe73c88d2b789fcaf1b80502f80d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:05 GMT
Cache-Control
max-age=604800
Last-Modified
Thu, 04 Jul 2019 08:49:57 GMT
Accept-Ranges
bytes
Content-Length
53
Content-Type
image/gif
Cookie set ProjectList.css
www.moneydj.com/funddj/css/ 		1 KB
569 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/funddj/css/ProjectList.css
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/funddj/js/ProjectList.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
b23267afa1d707f5a280500d8cddc8df14810f33dee697ff83c4484a54c457ea

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; _ga=GA1.2.2084249410.1619576283; _gid=GA1.2.1695806535.1619576283; _gat_UA-8400411-3=1; mp_5d993f8d7d28ac292101f3a9d1b56721_mixpanel=%7B%22distinct_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24device_id%22%3A%20%221791644e14655f-0a3c40170d1799-5771e33-1d4c00-1791644e147705%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _Rel_KM=KM_A:8A977847-970B-48B2-B188-FBF10B1B2128; __asc=f19cc8d81791644e1baca92ab23; __auc=f19cc8d81791644e1baca92ab23; _fbp=fb.1.1619576283641.1211707188; __gads=ID=78ec8522a6f31a11-22f40822f6c7000e:T=1619576283:S=ALNI_MZwDriJFupY8PaFcJ5pwcMjnLXJGQ; ASP.NET_SessionId=ba0ans55ziq2j05532fkgg55; djaid=1.e10a1a0d-5567-4a2f-af71-9173e9e05ebf.1619576283.1039206186.0.0.56f12
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Sep 2013 09:49:06 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Set-Cookie
USER=; path=/
Accept-Ranges
bytes
Content-Length
295
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B120 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com
URL: https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 21:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15819
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 21:54:25 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame B120 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com
URL: https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c166e077dce4fadadfc17e500c1b9787a6108a9d069b8be8c46af91c5895926c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33110
x-xss-protection
0
server
cafe
etag
16988071292998022746
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 28 Apr 2021 02:18:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B120 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com
URL: https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B120 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBVaIksY0SJml2Anw_WdG-e_k_ZeM6bw4C5rqd5w4LFqZnz3_Vpl2QyQnAOQiBQtVe2qKZaNSQb9qQgaGgq21pZZaitxSdLl_2p_StkstMeY8QBNWKK0yzSuGu-MnspPngv0UAn9_GaLzlh3yiH0f8v_hPf8Z415iPlDx5v_So6S_i0r3IqnXg5QNiQKN_RAzcOcOSDW4qOBr6fVYj5ZAMkhQ_Pgc8-M352qhGWeWsVGSOT3408bnoRAV1WqMNyyKhdFThlZFU6Rq1FWDivsWWlARcLmOCEA1dFJxUwPz_3gKZQBILKiJdGZQTGEJkdsQ&sai=AMfl-YSH0o4K1musOUu5nQrTTTPBThNCTvn3LuDs6YGu7oFao0WbXuscOvfd_baRY22lbW1VeMD85sE-lYYv2Jkgtpbyq6dEFqGEfXR5SRVstaEDbvWHVZ02i4dLBfer0JU&sig=Cg0ArKJSzP-nkhOzQiqdEAE&urlfix=1&adurl=
Requested by
Host: 42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com
URL: https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/ Frame B120 		223 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e5d13a315184e4cc69d5c495682f8e5539478b0f7331165dc63e9aa4f224add0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84531
x-xss-protection
0
server
cafe
etag
5298758904806933499
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 28 Apr 2021 02:18:04 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210426/r20190131/ Frame 374C 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210426/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210426/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnVle8adlr3pK5YhjmiY69uBtuxEDpas80bNrO3sJkp-KLfUdMZ5keTH_dxkRY
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 28 Apr 2021 01:17:22 GMT
expires
Wed, 12 May 2021 01:17:22 GMT
content-type
text/html; charset=UTF-8
etag
10446291943670460780
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4644
x-xss-protection
0
age
3642
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame B120 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7babbacf26a3e7fdb4f85e49d16ab1b851f38fb6e82a682259817821636028b8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=122887437721589&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/all.js?hash=0a08815deb7eddb0cd86773d25850d2e&ua=modern_es6
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
gYoM++Gm0UnVl7Zns9oVzHCqsheTBHe5UyrdjJ8BXnczFaNYTkyWBUTEoMKwn4e1XLg7im4CTnm2ECuSr4lSmg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 28 Apr 2021 02:18:04 GMT
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.moneydj.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame B120 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B120 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
CF-160X600_NewsLeftTop.html
adx.doublemax.net/image/creative/20200519/Turn/ Frame 56EE
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=600&slotname=7595289909%2F10846&adk=1326293989&adf=816031632&pi=t.ma~as.7595289909%2F10846&w=160&url=http...
  • https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
530 B
854 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-61.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4889e841a6e60260687d67cdc9651c20c8535c65c768bc85d2d783553cb640ea

Request headers

:method
GET
:authority
adx.doublemax.net
:scheme
https
:path
/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/

Response headers

content-type
text/html
content-length
530
last-modified
Tue, 19 May 2020 06:40:13 GMT
accept-ranges
bytes
server
AmazonS3
date
Wed, 28 Apr 2021 01:53:28 GMT
etag
"8e354b140bfcb2cac175e0ec2e4d6215"
x-cache
Hit from cloudfront
via
1.1 d5cf9e2604452e6d04db24c2381f245d.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
oRsR0c7ZdBzSGJmEKYKUsn7COA1bEr_-STizrj7QxfKRD4J61Blxvw==
age
1478

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 28 Apr 2021 02:18:05 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame B120 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188783439141"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28201
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:04 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6900 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwjL9qWWWBJvbWJ9gGJ8mOGkE2stGaOiOCkw13XcuAA2PcOsmOiqht1DaGTqs9Ei1ANwCGEEzrsbbPRmbO2rdpeX5DHiqmHOhIEPOJocA&sig=Cg0ArKJSzM22qnMa5HMkEAE&id=lidar2&mcvt=1018&p=52,514,142,1242&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20210423&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=324619989&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619576283820&dlt=0&rpt=98&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
moneydj.js
api.popin.cc/searchbox/ 		111 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/searchbox/moneydj.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.139 Torrance, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE3) /
Resource Hash
cabd002c9eadeb0a7a9821198de79064273dd7b8fe6aaacfef789d95150063f8

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:05 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 03:31:40 GMT
server
ECS (mil/6CE3)
age
2079
etag
"1192e7ea0efbd05fe45cbdef1c447827+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
max-age=3600
x-amz-request-id
0MFCRN37RCRW6AZ1
content-length
30900
x-amz-version-id
VfgTzpJs3isnep02PqpZkqOjjkkPUgjC
x-amz-id-2
zjeUXdXxpDYmZ2f8JN+tFQaQ7zpJGHc/YlZM58Mq0kiA7nAk+1e59foKpA8UKzTrtwPavjwjO0k=
/
as.innity.com/synd/ 		0
599 B 		Script
General
Check archive.org
Download Go to
Full URL
https://as.innity.com/synd/?cb=1619576285280&ver=1&pub=586f9b4035e5997f77635b13cc04984c&zone=40673&output=js&flash=0&url=www.moneydj.com&width=*&height=*&vpw=1600&vph=1200&auction=d0c6fc9-d2df7a7
Requested by
Host: cdn.innity.net
URL: https://cdn.innity.net/network.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.141 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:18:06 GMT
Last-Modified
Wed, 28 Apr 2021 02:18:06 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Type
text/javascript; charset=utf-8
Content-Length
0
Expires
Sat, 03 Sep 1983 02:00:00 GMT
Cookie set data.aspx
www.moneydj.com/Usr/ 		93 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/Usr/data.aspx?a=1&c=1&d=0&enc=UTF8&b=16e416e0851722af0fde704a81fd911cf8626006a187559570380da3cbb71d8d51a176b1520214f221c4dde197cf617844ddd6638e112d7a7ad76a4ce02b0e009a0aa222e47c1e134ebcbc6842baa806ca917768305dd9fbe6cb8682c3194f7e7df814a27e5050a4e08b4d4b7cb3d555a502883b06bb96db221039b10812f6e4
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
350a2e6b4d5770ec3d98a14c8a318c7afb1046f1b163b2b677a867142531f035

Request headers

Sec-Fetch-Mode
cors
Origin
https://www.moneydj.com
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
USER=
Connection
keep-alive
Content-Length
454
Pragma
no-cache
Host
www.moneydj.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Sec-Fetch-Site
same-origin
Accept
*/*
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Wed, 28 Apr 2021 02:18:04 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
Content-Type
text/xml; charset=big5
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Cache-Control
private
Access-Control-Allow-Credentials
true
Set-Cookie
djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d; domain=moneydj.com; expires=Fri, 28-Apr-2023 02:18:05 GMT; path=/
Access-Control-Allow-Headers
X-Requested-With, origin, content-type, accept
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame 56EE
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
38 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e81e7d122d75e0486ccb69b6d44018119dd64ede682d1af8ff54a4211ee57c9

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:05 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6903
content-length
39313
cf-request-id
09b7de031c0000c29ffd17f000000001
last-modified
Fri, 23 Apr 2021 08:06:21 GMT
server
cloudflare
etag
"60827ffd-9991"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BBTGLLFNcbJJIIsA8vb6lkSMjNP9L6KLAqcd4evXL4doh8xnfcOzZKyjKHPn%2F1unLFEuvtvTm%2FKSfD3QxnT0EyCfcw9O36tSyxii5iMzAqPznugXdZK%2FN2%2BN%2BVo%3D"}],"max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
646ccc4b58bfc29f-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
td_js_sdk_171.js
api.popin.cc/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/td_js_sdk_171.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/moneydj.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.139 Torrance, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF3) /
Resource Hash
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:05 GMT
content-encoding
gzip
last-modified
Thu, 11 Jan 2018 09:42:51 GMT
server
ECS (mil/6CF3)
age
948
etag
"17b2e8b253e693d224f7d8407e28e1ea+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
max-age=3600
x-amz-request-id
68J8FC281YGXMWQ0
content-length
12707
x-amz-version-id
null
x-amz-id-2
Xo0HvrMh5WYYa19Etw1CpJZTgBlvUZbOGWW1REnqpuvq43XujOELFSADC9luGPcCzcE29w0pF/M=
recommend
tw.popin.cc/popin_discovery/ 		71 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tw.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&&device=pc&media=www.moneydj.com&extra=windows&agency=adgeek&topn=50&ad=10&r_category=all&country=tw&redirect=true&uid=db0211a808d6cb24be01619569085454&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiODkuMC40Mzg5IiwidXNlcl90ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ1c2VyX3RkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidXNlcl90ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidXNlcl90ZF9yZWZlcnJlciI6IiIsInVzZXJfdGRfcGF0aCI6Ii9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4IiwidXNlcl90ZF9jaGFyc2V0IjoidXRmLTgiLCJ1c2VyX3RkX2xhbmd1YWdlIjoiZW4tdXMiLCJ1c2VyX3RkX2NvbG9yIjoiMjQtYml0IiwidXNlcl90ZF90aXRsZSI6IiVFNiU5NiVCMCVFNSU4QSVBMCVFNSU5RCVBMSVFOCU4OCU4NyVFNiU5RiU5MCVFNCVCQSU5QiVFNSU5QyU4QiVFNSVBRSVCNiVFNSU5MCU4OCVFNCVCRCU5QyVFNSVCQiVCQSVFNyVBQiU4QiVFNSU4RiVBRiVFOSU4MCVBMyVFNiU4RSVBNSVFOSU5QiVCQiVFNSVBRCU5MCVFNCVCQiU5OCVFNiVBQyVCRSVFNyVCMyVCQiVFNyVCNSVCMSVFRiVCQyU4QyVFNCVCOCVBNiVFNiU4RSVBMiVFOCVBOCU4RSVFNiU5QyVBQSVFNCVCRSU4NiVFNSVCQiVCQSVFNyVBQiU4QiVFNSVBNCU5QSVFOSU4MiU4QSVFOCVCNyVBOCVFNSVBMiU4MyVFNCVCQiU5OCVFNiVBQyVCRSVFNyVCMyVCQiVFNyVCNSVCMSUyMC0lMjAlRTYlOTYlQjAlRTglODElOUUlMjAtJTIwJUU4JUIyJUExJUU3JUI2JTkzJUU3JTlGJUE1JUU4JUFEJTk4JUU1JUJBJUFCJTIwLSUyME1vbmV5REolRTclOTAlODYlRTglQjIlQTElRTclQjYlQjIiLCJ1c2VyX3RkX3VybCI6Imh0dHBzOi8vd3d3Lm1vbmV5ZGouY29tL2ttZGovbmV3cy9uZXdzdmlld2VyLmFzcHg/YT04YTk3Nzg0Ny05NzBiLTQ4YjItYjE4OC1mYmYxMGIxYjIxMjgiLCJ1c2VyX3RkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidXNlcl90ZF9ob3N0Ijoid3d3Lm1vbmV5ZGouY29tIiwidXNlcl9kZXZpY2UiOiJwYyIsInVzZXJfdGltZSI6MTYxOTU3NjI4NTQ1NCwiZnJ1aXRfYm94X3Bvc2l0aW9uIjoiIiwiZnJ1aXRfc3R5bGUiOiIifQ==&alg=ltr&callback=_p6_934cb2eb0af9
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/moneydj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.198.189 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
02f37b3b28850ad5836df7adfa4cc16672c7742cd62cfb0150d4ea7a7b0de2ce

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:06 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx/1.13.5
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
popin_discovery5-min.js
api.popin.cc/ 		160 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/popin_discovery5-min.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/moneydj.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.139 Torrance, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CEE) /
Resource Hash
149ffde0cc4b2f720a361d1198d61319766bc657e7a6ee9dbc36bce8d131a6f4

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:05 GMT
content-encoding
gzip
last-modified
Mon, 19 Apr 2021 05:29:34 GMT
server
ECS (mil/6CEE)
age
2084
etag
"f79eec0db79e4ee72508fa8efd009240+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
max-age=3600
x-amz-request-id
BBB9CWH9BJEZM2SV
content-length
44641
x-amz-version-id
jEbzWfZyhCQGPbOuuiAnvhe2d7E0IQE3
x-amz-id-2
EmHwz9YysUktHb0mwhRcqhKGMsk4F5LAbyZgndbrYURJfpOudHklPkpKKJfp54FHBi5naypOMcA=
popin_send_cookie_set_fail.js
api.popin.cc/test/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/test/popin_send_cookie_set_fail.js?20201223
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/popin_discovery5-min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.139 Torrance, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CEB) /
Resource Hash
1b1538ae50fd4837b2d666c53c2001e9d17900be96afe29ad6e0959be25e7406

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:05 GMT
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 07:00:22 GMT
server
ECS (mil/6CEB)
age
69299
etag
"40ef446de8bc060bf7029f02f429d95c+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
x-amz-request-id
YXM1G2EY37E5T6AD
content-length
3896
x-amz-version-id
UFXK_rPkO_LVDe1kZmkgodLc5zcbKvY0
x-amz-id-2
bD0AIuuILqmT4lgZgSrZ53MQjFK6araHBDEGVWbXHPPmJ07JpO69n+gxZPeTBOnxQ77s2wwyVRk=
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 56EE 		975 B
743 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3067
cf-polished
origSize=1191
cf-request-id
09b7de03380000c29fcda41000000001
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0E%2B3FdkHde7d905rcGVlKBK5XwEdte9K3z%2Ff3W6k4YU22GxJ4diyeuWLXYdTp58JeHwTbR8DhHkQr%2FX6mEqDyfUD0Vf3weEbuS%2BsVwYHrSr56nR8hVtyAcj5yg8%3D"}],"max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
646ccc4b88e9c29f-FRA
cf-bgj
minify
idRequest
sync.aralego.com/ Frame 56EE 		46 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Hyattsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
fa1b381fe26c30d1f677deab4833105d8b1cefab157c31c96cfe37c4f2c7262c

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://adx.doublemax.net
access-control-allow-credentials
true
connection
close
content-length
46
ad_request
ads.aralego.com/ Frame 56EE 		378 B
1015 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.doublemax.net&u=https%3A%2F%2F42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com%2F&xr=1&adid=ad-BE7EB4A4966ABDAA079E466673BBE246&w=160&h=600&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.5297450843612397&ao=https%3A%2F%2Fwww.moneydj.com
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
d66b7cdd626243fb785049bc4c3861d28e53b9317863ac1d5d2eb6b0fc0849f0

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:06 GMT
X-Width
160
X-Height
600
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://adx.doublemax.net
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
378
X-AdStyle
banner
view
securepubads.g.doubleclick.net/pcs/ Frame B120 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6Q4Qb9OGgZvRw8gKk9pbCZnXopkUcgt-BKahfEVUdXfwRaFjyxI9S7UR3DoeUo58jPt12EMax51Kggg5MdpR3-iRqMVvGi8_zcU_VXfA-LuAopsSDDaMZmWTF2C-nSIH9sdE72F4KkTpgZVvMomqi23MZ9oXUCYRtKqOFz5C0eatZKzfUrzyMifHJkGeHXhLN8x2Ia4X7esKv5t8oImtelP85Y0iq0DFgTDf7f287WNIjcgnwkWBE6wgotxYo987-DZ5ykxMX51uHTBjF8kd8ANEG-ObBCXxXdOcgsQUTu_EZ0aO0Qgj5skKst7AD7mxpMQ&sai=AMfl-YRprBbxQABdkxlSPS9_LJTsLTHAzAy6jrs9A9ZzZTyOkl5NzFyI2MrkXyMtJiBkCFl5eRxy_75rhr5rpjV7P_61xfsdtF01MadQAGtyvIMQXvpaLfCe82sxvroW0WM&sig=Cg0ArKJSzPZuZtqJLtTOEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 02:18:06 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B120 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210426&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7359609d725cc6d82cc30f8358cb33b60bd08b1d9c05b9f7a5ccc230dfcb07f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7091
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B120 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:06 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 1283 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 27 Apr 2021 23:30:56 GMT
expires
Wed, 27 Apr 2022 23:30:56 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10030
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js
pagead2.googlesyndication.com/bg/ Frame 1283 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 23:29:18 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
355728
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5672
x-xss-protection
0
expires
Sat, 23 Apr 2022 23:29:18 GMT
Cookie set moneydj_kmdj_right_300250_1.js
www.moneydj.com/funddj/Ad/network/ 		462 B
699 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/funddj/Ad/network/moneydj_kmdj_right_300250_1.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/ads/getTextAD.aspx?Type=ButtonTextA105
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
09f2e86814746e389510ec887015b95e6267a82ad90eeff9f7d58f05f220021f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; _td=1301c142-2838-45f2-9635-1750f164c1eb; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Jan 2020 09:58:21 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Set-Cookie
USER=; path=/
Accept-Ranges
bytes
Content-Length
411
gen_204
pagead2.googlesyndication.com/pagead/ Frame B120 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210426&jk=47819781796240&bg=!vL-lv_vNAAZLnZBaS507ACkAdvg8Ws6SOPp1DArNPuDwrNhMQiDjfMNX5kKXboIlsZ8FYK_NqzCTgQIAAABjUgAAAA5oAQcKAJ6dHN7kFcP-R1gbhRqpZc7inRg_ygtcUWu7_RWpSigRxqT9sg92aR0gOvfEGVueWQX8qndtggxCftziMniAjD_DNcUMsFvPC3yhmkKvl0DVulnhwXvqW3fBzyQwz4V0Z_okuuyl4Zl7od7NPbuNAmfkZCiQpzokWJZd4r6Fm7JSa88U_CmeXBhZFZWSARdVjXaqZg3qyJb9F6AfRbPId5kCWgVz94m1ttW2dA3TkhHxVVG25IRBvdqJV-q2ObxvBGnVy00op1kSUvh-IL-tSzXeOfhgcEWfEUFRC3gQ5Xp5tyKSH3g1SEYonaUUYPZrBfDPmwMY7wrJpACnTz0q2qV9toXcj4Mu-jkQH0H_EKxJUGufAdR0C2FmGrA-6IMDPrkP3zlJsg7BJB12aSK_sWBiB-iImWc4b4DUiQcD_neX9eyoPl5jhsMemOaHNnSQOsC6zkIc-yz_CrmwrMT_W4UaXKThcAzXmPcvZrdR5mjUOfvM-RxW_WuxplfR6XLXkjxf5CfRoczopKUt9MXH0LqK1iDVMyk72GtD8x4A4yCPIOyMPRVlBJ9PKVK4vrFdZBLwU3m9GNGtLoKIGym6rjWQnA3wVtS2huedjP5Id1cCgeBwmOY8ypTDCDdlT7D6zGMaiIcpc8G2bL7nu-fylZMf_lQgHvTYgEY6Htn44LHQIwutFUHrLcsopSWDegunKMdf-6bFz7m-8c4QWqlC61AvEBUTF2ZwzRusszC9h9N_I3RZ4zoeGMCkIpvdKvu9AO-sJK44ywNew4iOYx_lntWzoNqMSkfXgRqEM8zfcGHZquSaHLCy4CgA4XGUpSkwuiheBFY_GhgXlZemPuctp5RISC8yaUXLPTKxJLr1RQ0dZyTsaBbfzR_oYJ-bMp2sknB__QimGpdBW8legL4f66ogcYws5BSOfInc2BA-5GeEzEr0kzFYv3YeRH2sNLVOHLs8ySyWNuFHPrIsBhPGaqYx_7l8-Y1dQ3bhm5eJhUXEaF0j3ccnSK27AnaG
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/funddj/Ad/network/moneydj_kmdj_right_300250_1.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76f4a23d06a4eb1629942669ac3e1b864baf7a756fe52b25fd6ccc243448cb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48376
x-xss-protection
0
server
cafe
etag
7770477186257580779
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 28 Apr 2021 02:18:06 GMT
5
www.moneydj.com/kmdj/REST/GetData.svc/ListByHotViews/NW/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/REST/GetData.svc/ListByHotViews/NW/5
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
fcc25e5bdf12831cc1c03affb0ff5c24f6a5659cdb12f3015ee993c3167b70f6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Content-Type
application/json
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; _td=1301c142-2838-45f2-9635-1750f164c1eb; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Accept
*/*
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 28 Apr 2021 02:18:05 GMT
Cache-Control
private
Content-Length
1559
Content-Type
application/json; charset=utf-8
WikiService.axd
www.moneydj.com/kmdj/ 		250 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/WikiService.axd?cmd=FindWikiSubject
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
b6cb7e93c83d942ca281a0e4471f3a94b557aae27c928287dd66896fcfb70ae8

Request headers

Sec-Fetch-Mode
cors
Origin
https://www.moneydj.com
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; _td=1301c142-2838-45f2-9635-1750f164c1eb; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d
Connection
keep-alive
Content-Length
2029
Pragma
no-cache
Host
www.moneydj.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
application/json, text/javascript, */*
Cache-Control
no-cache
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Sec-Fetch-Site
same-origin
Accept
application/json, text/javascript, */*
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Wed, 28 Apr 2021 02:18:06 GMT
Content-Encoding
gzip
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Accept
Content-Length
146
SubHead_c_BG.gif
www.moneydj.com/kmdj/App_Themes/Gold/KKImages/ 		252 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/kmdj/App_Themes/Gold/KKImages/SubHead_c_BG.gif
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/App_Themes/Gold/blocks.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
79a3403bc89fd64b8ac73a2b7da6d99ca1fde1f5fafe1cb6da5dfb8c5a0cc5f6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/App_Themes/Gold/blocks.css
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; _td=1301c142-2838-45f2-9635-1750f164c1eb; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/App_Themes/Gold/blocks.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:05 GMT
Cache-Control
max-age=604800
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Accept-Ranges
bytes
Content-Length
252
Content-Type
image/gif
R2-TabBG.gif
www.moneydj.com/kmdj/App_Themes/Gold/KKImages/ 		57 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/kmdj/App_Themes/Gold/KKImages/R2-TabBG.gif
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
49fc04b260ac1a7702d64ed979d7173a9447a5952b942f3cbe74f363a0569c56

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; _td=1301c142-2838-45f2-9635-1750f164c1eb; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:05 GMT
Cache-Control
max-age=604800
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Accept-Ranges
bytes
Content-Length
57
Content-Type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.moneydj.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.moneydj.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2016457015839363&correlator=496070983015074&output=ldjh&impl=fifs&eid=31060790%2C31060320&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=126805407%2Cmonekmdj_right_300250_2ydj_&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1619576286&dt=1619576286395&dlt=1619576278653&idt=4717&frm=20&biw=1600&bih=1200&oid=2&adxs=992&adys=744&adks=1452853795&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&psts=AGkb-H8nNKHoZdvLOVpGsohfSnFgTq9RulgkymrpS2AdEPA93BaWrKjUPcY0C29n3L-rgy1G_cWpqMsKRnU%2CAGkb-H8AW8oq54J7mpQun2d8fic6JSvbfk3uLsbriYrMIe_CEcOVAty3e6BTSA1jw3LgVU-GI7gjRb3f61Rh&ga_vid=2084249410.1619576283&ga_sid=1619576283&ga_hid=2053972232&ga_fc=false&fws=0&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
491c6c4a99a8a4ba8b888f73a0004f9436e75a570a16874663472fc4aff78e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4454
x-xss-protection
0
google-lineitem-id
5370076789
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138322579333
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.moneydj.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
NW
www.moneydj.com/kmdj/REST/GetData.svc/ListBySimilars/RP,DT,WK/8a977847-970b-48b2-b188-fbf10b1b2128/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/REST/GetData.svc/ListBySimilars/RP,DT,WK/8a977847-970b-48b2-b188-fbf10b1b2128/NW
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
6391243f1d824be039466dbb88da053d1cbccfed9a41919235ebe15d1dd27b57

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Content-Type
application/json
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; _td=1301c142-2838-45f2-9635-1750f164c1eb; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Accept
*/*
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 28 Apr 2021 02:18:05 GMT
Cache-Control
private
Content-Length
1975
Content-Type
application/json; charset=utf-8
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2016457015839363&correlator=496070983015074&output=ldjh&impl=fifs&eid=31060790%2C31060320&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=126805407%2Cmoneydj_kmdj_300600_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&cookie_enabled=1&bc=31&abxe=1&lmt=1619576286&dt=1619576286403&dlt=1619576278653&idt=4717&frm=20&biw=1600&bih=1200&oid=2&adxs=992&adys=1046&adks=2130077496&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x1402&msz=300x-1&psts=AGkb-H8nNKHoZdvLOVpGsohfSnFgTq9RulgkymrpS2AdEPA93BaWrKjUPcY0C29n3L-rgy1G_cWpqMsKRnU%2CAGkb-H8AW8oq54J7mpQun2d8fic6JSvbfk3uLsbriYrMIe_CEcOVAty3e6BTSA1jw3LgVU-GI7gjRb3f61Rh&ga_vid=2084249410.1619576283&ga_sid=1619576283&ga_hid=2053972232&ga_fc=false&fws=0&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
21cc16a48f77005f8c9530b8417975d549ee6ee135851fd71ea5434bae0bcbdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4361
x-xss-protection
0
google-lineitem-id
5369402547
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138311482596
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.moneydj.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2016457015839363&correlator=496070983015074&output=ldjh&impl=fifs&eid=31060790%2C31060320&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=126805407%2Cmoneydj_kmdj_72890_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&cookie_enabled=1&bc=31&abxe=1&lmt=1619576286&dt=1619576286411&dlt=1619576278653&idt=4717&frm=20&biw=1600&bih=1200&oid=2&adxs=309&adys=1674&adks=3060855054&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&vis=1&dmc=8&scr_x=0&scr_y=0&psz=983x90&msz=983x90&psts=AGkb-H8nNKHoZdvLOVpGsohfSnFgTq9RulgkymrpS2AdEPA93BaWrKjUPcY0C29n3L-rgy1G_cWpqMsKRnU%2CAGkb-H8AW8oq54J7mpQun2d8fic6JSvbfk3uLsbriYrMIe_CEcOVAty3e6BTSA1jw3LgVU-GI7gjRb3f61Rh&ga_vid=2084249410.1619576283&ga_sid=1619576283&ga_hid=2053972232&ga_fc=false&fws=0&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
b2257c7bd2c6e17a9d81bb4d684c52b35b2170419adac8983b91d6e28b06914f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4464
x-xss-protection
0
google-lineitem-id
4691338759
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138234952063
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.moneydj.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set cookie.djjs
www.moneydj.com/z/js/ 		2 KB
1008 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/z/js/cookie.djjs
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/z/js/djchannel.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
f96ff5c085cc5430ec69c67418f7fde356974d05a8216ea1bdf6cf5974eb169b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; _td=1301c142-2838-45f2-9635-1750f164c1eb; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:05 GMT
Content-Encoding
br
Last-Modified
Mon, 26 Apr 2021 15:25:38 GMT
Content-Encoding-OrgSzie
2186
DJ_Expired
<!--2021/05/01 08:00:00-->
Content-Type
text/javascript
Cache-Control
private
Set-Cookie
USER=; path=/
Content-Length
709
top-submenuBG.jpg
www.moneydj.com/KMDJ/App_Themes/Gold/KKImages/ 		553 B
755 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/KMDJ/App_Themes/Gold/KKImages/top-submenuBG.jpg
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/KMDJ/Css/jdMenu.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
0e8498b114af094c83453b48310a479f069c13ad7381e6944580a2f1da474f89

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/KMDJ/Css/jdMenu.css
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; _td=1301c142-2838-45f2-9635-1750f164c1eb; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d
Connection
keep-alive
Referer
https://www.moneydj.com/KMDJ/Css/jdMenu.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:05 GMT
Cache-Control
max-age=604800
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Accept-Ranges
bytes
Content-Length
553
Content-Type
image/jpeg
Cookie set a_djlogo-s.png
www.moneydj.com/Z/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/Z/images/a_djlogo-s.png
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/z/js/djchannel_All.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
888b1cb2edcdc8d5aef1363603bbf182852d792cbdead4c2ab3eecc38bacc686

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/z/js/djchannel_All.css
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d; ASP.NET_SessionId=5fp2qbezeawiwg55nb3shb55; _td=1301c142-2838-45f2-9635-1750f164c1eb; __gads=ID=20a3dbcfdaf52438-22090e1ef6c7006a:T=1619576286:S=ALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ
Connection
keep-alive
Referer
https://www.moneydj.com/z/js/djchannel_All.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:07 GMT
Cache-Control
max-age=604800
Last-Modified
Fri, 16 Sep 2011 08:12:16 GMT
Set-Cookie
USER=; path=/
Accept-Ranges
bytes
Content-Length
9399
Content-Type
image/png
fastbutton
apis.google.com/se/0/_/+1/ Frame 8D47 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&origin=https%3A%2F%2Fwww.moneydj.com&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bSaSBnJo3mU.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
9010e5a841cf0acfb13facfaa2c3318bc8118020ec071d15de099eb9a628fd01

Request headers

:method
GET
:authority
apis.google.com
:scheme
https
:path
/se/0/_/+1/fastbutton?usegapi=1&origin=https%3A%2F%2Fwww.moneydj.com&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bSaSBnJo3mU.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.moneydj.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.moneydj.com/

Response headers

content-length
1103
content-type
text/html; charset=UTF-8
date
Wed, 28 Apr 2021 02:18:06 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
fastbutton
apis.google.com/se/0/_/+1/ Frame 5318 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&origin=https%3A%2F%2Fwww.moneydj.com&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bSaSBnJo3mU.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d4514f0e58579f9a240c94b04129f825976e112e6da9a29fe7e3e3bac952ab42
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dVKXb1LbrbhCG0Lv4IMCWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
apis.google.com
:scheme
https
:path
/se/0/_/+1/fastbutton?usegapi=1&origin=https%3A%2F%2Fwww.moneydj.com&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bSaSBnJo3mU.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.moneydj.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.moneydj.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 28 Apr 2021 02:18:06 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy
script-src 'report-sample' 'nonce-dVKXb1LbrbhCG0Lv4IMCWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
set-cookie
NID=214=N3mckQmAOgEd4zxrnKbrH1pt8Sfrzz2btAXU9cIsXzDzr6J6ywlZZIy_--Mo5ZzMojUU1jlAF0lCQOmNJnUtprW5eEKWygQ-0TfiIFTA3MpdqKgZCi1ss2TtikEZmWP6E0d31R8-yTJrhuCSD9ffVKTU_svPxPltDrs9N3huka4; expires=Thu, 28-Oct-2021 02:18:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
top-memu-o.jpg
www.moneydj.com/kmdj/App_Themes/Gold/KKImages/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/kmdj/App_Themes/Gold/KKImages/top-memu-o.jpg
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
c2502aaf14c8613f3710775541bc71b11a82a334fba5392b5361e3b2341bf8b3

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; _td=1301c142-2838-45f2-9635-1750f164c1eb; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:05 GMT
Cache-Control
max-age=604800
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Accept-Ranges
bytes
Content-Length
1104
Content-Type
image/jpeg
vc
www.moneydj.com/InfoSvc/apis/ 		82 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/InfoSvc/apis/vc
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
f0e1fc73d9c604a2265990bc77779156f7f69b47273c21e064a8445491c9bc8b

Request headers

Sec-Fetch-Mode
cors
Origin
https://www.moneydj.com
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; _td=1301c142-2838-45f2-9635-1750f164c1eb; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d
Connection
keep-alive
Content-Length
71
Pragma
no-cache
Host
www.moneydj.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
*/*
Cache-Control
no-cache
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Sec-Fetch-Site
same-origin
Accept
*/*
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 28 Apr 2021 02:18:05 GMT
Cache-Control
private
Content-Length
82
Content-Type
application/json
UserLogin.axd
www.moneydj.com/kmdj/ 		73 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/UserLogin.axd?a=1619576286474
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
a8c8db0a0ade631142fb7f804bbdde1c08e541ac9eec90c981e1c324c323cc17

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
application/json, text/javascript, */*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; _td=1301c142-2838-45f2-9635-1750f164c1eb; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Accept
application/json, text/javascript, */*
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:05 GMT
Cache-Control
private
Content-Length
73
Content-Type
application/json; charset=utf-8
Cookie set getTextAD.aspx
www.moneydj.com/ads/ 		59 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/ads/getTextAD.aspx?Type=ButtonTextA434&adstype=json
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
b75789d6c7d14d9c6373ebe3c8327f6752852e67b20cafde2ec233364a2c4675

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
application/json, text/javascript, */*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; _td=1301c142-2838-45f2-9635-1750f164c1eb; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Accept
application/json, text/javascript, */*
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:05 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Set-Cookie
ASP.NET_SessionId=5fp2qbezeawiwg55nb3shb55; path=/; HttpOnly
Content-Length
153
Cache-Control
private
Content-Type
text/javascript; charset=big5
ListByKeyIDList
www.moneydj.com/kmdj/REST/GetData.svc/NW/ 		747 B
895 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/kmdj/REST/GetData.svc/NW/ListByKeyIDList
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
4951158a2076f9a76b457d3ddd0d41e01ac8be72025a468e59b791a447a91314

Request headers

Sec-Fetch-Mode
cors
Origin
https://www.moneydj.com
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; _td=1301c142-2838-45f2-9635-1750f164c1eb; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d
Connection
keep-alive
Content-Length
211
Pragma
no-cache
Host
www.moneydj.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
*/*
Cache-Control
no-cache
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Sec-Fetch-Site
same-origin
Accept
*/*
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 28 Apr 2021 02:18:06 GMT
Cache-Control
private
Content-Length
747
Content-Type
application/json; charset=utf-8
PushIcon-facebook.png
www.moneydj.com/kmdj/Images/ 		177 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/kmdj/Images/PushIcon-facebook.png
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
dc1076e79e582da826b2ee013367f7cc8d9b2fcd9c54142952bb5810266bef63

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; _td=1301c142-2838-45f2-9635-1750f164c1eb; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:06 GMT
Cache-Control
max-age=604800
Last-Modified
Thu, 04 Jul 2019 08:49:57 GMT
Accept-Ranges
bytes
Content-Length
177
Content-Type
image/png
PushIcon-Plurk.png
www.moneydj.com/kmdj/Images/ 		159 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/kmdj/Images/PushIcon-Plurk.png
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
37ed55c7f527462034f604fd9e09aa48d3284f5042c97cba1712f6afd086cb7d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; _td=1301c142-2838-45f2-9635-1750f164c1eb; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:06 GMT
Cache-Control
max-age=604800
Last-Modified
Thu, 04 Jul 2019 08:49:57 GMT
Accept-Ranges
bytes
Content-Length
159
Content-Type
image/png
PushIcon-Twitter.png
www.moneydj.com/kmdj/Images/ 		503 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/kmdj/Images/PushIcon-Twitter.png
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
ee6c0bdc558915efed566a44df847b8078928141d6c6d68fb272637f12177bff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; _td=1301c142-2838-45f2-9635-1750f164c1eb; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:06 GMT
Cache-Control
max-age=604800
Last-Modified
Thu, 04 Jul 2019 08:49:57 GMT
Accept-Ranges
bytes
Content-Length
503
Content-Type
image/png
22_Calendar.gif
www.moneydj.com/kmdj/Images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/kmdj/Images/22_Calendar.gif
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
92c0f743e3d9afb784030430b40599fbf3ed8a6c1520a6ec69f08ea178912f7f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; _td=1301c142-2838-45f2-9635-1750f164c1eb; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:06 GMT
Cache-Control
max-age=604800
Last-Modified
Thu, 04 Jul 2019 08:49:57 GMT
Accept-Ranges
bytes
Content-Length
1152
Content-Type
image/gif
like.php
www.facebook.com/plugins/ Frame 2B05 		45 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c9ed5a40db72%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff1a67a8d298d46c%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/all.js?hash=0a08815deb7eddb0cd86773d25850d2e&ua=modern_es6
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
513fb49b1a72a1238fd13807a9dafbb44a7017d5a3f6b020ff336c659e3f7bc4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c9ed5a40db72%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff1a67a8d298d46c%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.moneydj.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.moneydj.com/

Response headers

vary
Accept-Encoding
x-fb-rlafr
0
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-encoding
br
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-xss-protection
0
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
x-fb-debug
Ysitt6b9sAv3N6k5tQVS7WTJF1hxrNN77ua1FSRccWor5FaFTQsME6jhA9+IO6SxVWzwm6mZ7/fj88kr7+tpcg==
date
Wed, 28 Apr 2021 02:18:06 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
like.php
www.facebook.com/plugins/ Frame 36FB 		45 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df38ffeba3cc7848%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff1a67a8d298d46c%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/all.js?hash=0a08815deb7eddb0cd86773d25850d2e&ua=modern_es6
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b537701b51c30590bc0c80def4eec320f33598046090228f630fe1bc376f9300
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df38ffeba3cc7848%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff1a67a8d298d46c%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.moneydj.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.moneydj.com/

Response headers

vary
Accept-Encoding
x-fb-rlafr
0
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-encoding
br
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-xss-protection
0
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
x-fb-debug
HmV8amZ7atTLV7rIWS8Iv7/S4e+FxyTlKgcCkrr8us+uT+6zLtNTqUs/tZaN/5lzShnAGf1W/q/R3ZEKzCalRA==
date
Wed, 28 Apr 2021 02:18:06 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
init.js
cdn.holmesmind.com/js/ Frame FB1D 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ba00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47cca155305638f12c5e191dc08aeb4253b62263fab7f3ac49bdc3002dc661e0

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:17:42 GMT
via
1.1 f358cf5f46d10c349187abd5e20e06cf.cloudfront.net (CloudFront)
last-modified
Tue, 16 Mar 2021 09:35:51 GMT
server
AmazonS3
age
77
etag
"fcc536473734c006770cfb309e523fb4"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
6507
x-amz-cf-id
Ht4eLCj4FDFGxabcvG4J6EPp-c2ZpHLmMN52gO6azmtroN7uJm9Esg==
view
securepubads.g.doubleclick.net/pcs/ Frame 77A3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-TFFAay-P02IdpSYbaVGLdC1XuBGCa8b-Quro-Ugu9SlXobFnhdT5JbmvphvpFv8frlkvB8OatMo9O-1Wc_vJVjuj7VUVYauH2XaSRpPLXzrW5F7_UEikiTgLSeZ2m43e3tXD2npC9cmBlSPRTN2BaM_NJvSV9QOTW9p5Kabq6ymsvugGnSoZ3qCnRq_oIFeKzJcNpEWLf7xnTLk6CYByjFSaOQraAPBJynPXxExL1Ks8hK-FDuiBTnOjkh92R9mm06vaY-e5HzDcOk-eDc7H6rjppcJDc9AULPX_cHDphptF0OA4z1Mh9btjFpTmRGe1&sai=AMfl-YQtfZq7rwoFKMu3GIC6TbIM5lzBW68yFk30Wuq1oKlqAH2DWCbRbUS2gg9xhz93C6uwY3UN9qzCvgokLgjiMh0-__xAcEhf-pPQIbhqwHqocLP-rYkTCcMLHCX9p8wm&sig=Cg0ArKJSzDESLRnMT4pgEAE&urlfix=1&adurl=
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 02:18:06 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 77A3 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ffa0e81ee6f12b33ce0735f49b6efd9e30e3bae86f50084e11247f1ef39d249
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33103
x-xss-protection
0
server
cafe
etag
5415273387967689796
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 28 Apr 2021 02:18:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 77A3 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:06 GMT
Cookie set QKAD.js
www.moneydj.com/funddj/ad/QK/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/funddj/ad/QK/js/QKAD.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XBJJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
3e2d8bd268c51f92869bef967e15d31044c9831dd02d0274b864fb79ab00effc

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d; ASP.NET_SessionId=5fp2qbezeawiwg55nb3shb55; _td=1301c142-2838-45f2-9635-1750f164c1eb; __gads=ID=20a3dbcfdaf52438-22090e1ef6c7006a:T=1619576286:S=ALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Jan 2021 06:59:54 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Set-Cookie
USER=; path=/
Accept-Ranges
bytes
Content-Length
1228
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/ 		223 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7492323758213965&plah=www.moneydj.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e5d13a315184e4cc69d5c495682f8e5539478b0f7331165dc63e9aa4f224add0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84531
x-xss-protection
0
server
cafe
etag
5298758904806933499
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 28 Apr 2021 02:18:06 GMT
cht_cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 7293 		807 B
616 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678

Request headers

:method
GET
:authority
cdn.aralego.net
:scheme
https
:path
/ucfad/cookie/cht_cookieSyncIframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adx.doublemax.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adx.doublemax.net/

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
content-type
text/html
set-cookie
__cfduid=dd34191696b1d8e65286c5979391fc2f71619576286; expires=Fri, 28-May-21 02:18:06 GMT; path=/; domain=.aralego.net; HttpOnly; SameSite=Lax
last-modified
Tue, 11 Aug 2020 08:15:02 GMT
access-control-allow-credentials
true
cache-control
max-age=14400
cf-cache-status
HIT
age
2051
cf-request-id
09b7de056b0000c29f7494b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Iy0egQaSyAy%2FAiWRDO0%2Bdl%2BjmCsr1rjy%2Fs5M6Or0LLM0Xhh6wNsdP7yvKndqUC3ypajnQHtLJOQKsHAGclUYRVke%2FlAShBF5lUNVqLaW5h6caOMroc54pN%2B1wk0%3D"}],"max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
646ccc4f1b9cc29f-FRA
content-encoding
br
idsync
sync.aralego.com/ Frame 56EE
Redirect Chain
  • https://sync.aralego.com/idsync
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-5gvO80xE2oU0dfBeo59swZCxmzfDlXdRw6ESMvE-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=c7a7cd14-5e2b-4f66-9c9d-d73cb700982a
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-5gvO80xE2oU0dfBeo59swZCxmzfDlXdRw6ESMvE-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=c7a7cd14-5e2b-4f66-9c9d-d73cb700982a
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-5gvO80xE2oU0dfBeo59swZCxmzfDlXdRw6ESMvE-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=c7a7cd14-5e2b-4f66-9c9d-d73cb700982a
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-5gvO80xE2oU0dfBeo59swZCxmzfDlXdRw6ESMvE-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=4afde29a-8484-4533-9912-cd79f8d7ea5d
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-opTIp19E2oUHCUcBAecfZX07zlzlXrwNkxeZcCg-~A&redirect=
0
0
cm.php
fcm.holmesmind.com/ Frame F67F 		0
0
capmapping.htm
cdn.holmesmind.com/js/ Frame 7D28 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ba00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d923d819ca2ff5b300761f494357861e57fa2f1ce9a9e1597147196887452ee

Request headers

:method
GET
:authority
cdn.holmesmind.com
:scheme
https
:path
/js/capmapping.htm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adx.doublemax.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adx.doublemax.net/

Response headers

content-type
text/html
content-length
6245
last-modified
Fri, 12 Mar 2021 02:32:17 GMT
accept-ranges
bytes
server
AmazonS3
date
Wed, 28 Apr 2021 02:18:03 GMT
etag
"eafbd15dcbf67ea2b8cfadd2d92f78f8"
x-cache
Hit from cloudfront
via
1.1 f358cf5f46d10c349187abd5e20e06cf.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
IHkl6cn9k2QgictI0zCGXTUvBH9X4wjWYd1urhf_kgdax5ewWeauhg==
age
7
edmp_init.js
banner-cfnetwork.cdn.hinet.net/js/ Frame FB1D 		662 B
628 B 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.61.218.12 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:07 GMT
via
1.1 4e7b30670ccb8a3f3101333ef882f9b0.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
HiNetCDN/2104
x-amz-cf-pop
TPE51-C1
etag
W/"f58f8a90686f8ffb3325107e8a788b71"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
content-encoding
br
x-amz-cf-id
uBiZJTJeyVSL6HU2XWG8F_oOUfJ7b0vzD2wB_kzRo67dqTQ_1b838w==
x-request-id
92a03f92beb14a118a29fabfa1fb61ef
google_mapping_init.js
cdn.holmesmind.com/js/ Frame FB1D 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/google_mapping_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ba00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0f9d12ccb4d71455e76a3f7a47dbf3874b4e96c54219d7c3756affcc40d770f

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:17:42 GMT
via
1.1 f358cf5f46d10c349187abd5e20e06cf.cloudfront.net (CloudFront)
last-modified
Mon, 15 Mar 2021 05:11:36 GMT
server
AmazonS3
age
76
etag
"ecc7750ee9369dfb2865df8de920fc09"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
5374
x-amz-cf-id
2dPbheyXVcghV05vWP3lE9182JijbnNd284PnhA0OWnS91wfj-dahA==
presetfn.js
cdn.holmesmind.com/js/ Frame 2C50 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ba00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cfdedced9922001dd8f57a9f6895fc98c2a4f3be61657f85d5e02833e2ac3f88

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:17:42 GMT
via
1.1 f358cf5f46d10c349187abd5e20e06cf.cloudfront.net (CloudFront)
last-modified
Wed, 21 Apr 2021 05:36:32 GMT
server
AmazonS3
age
76
etag
"672091ca2d6fa2dabbc79e0cae663482"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
3929
x-amz-cf-id
GHaYzyNt1ec5ZjOgD-dvSn5UsIcOs_uEvhW-u1PQUiOMaF8d0_5trA==
cm
c.holmesmind.com/ Frame FB1D
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
clear
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Wed, 28 Apr 2021 02:18:06 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
clear
content-type
text/html; charset=UTF-8
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/ Frame 77A3 		223 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=www.moneydj.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e5d13a315184e4cc69d5c495682f8e5539478b0f7331165dc63e9aa4f224add0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84531
x-xss-protection
0
server
cafe
etag
5298758904806933499
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 28 Apr 2021 02:18:06 GMT
truncated
/ Frame 77A3 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdb52be92f9209ad479638d0293f2da982ebbccb40a20d779c898abddab16173

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame 5318 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png
Requested by
Host: apis.google.com
URL: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&origin=https%3A%2F%2Fwww.moneydj.com&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bSaSBnJo3mU.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://apis.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3170
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:06 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 2C50 		425 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=10846
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a600:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8e2e10976cdd3097c116baf8a2fc0c620c72bd2bf654845bc6b0193a19b92e2d

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:08:10 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
age
595
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://adx.doublemax.net
access-control-allow-credentials
true
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
Yy2UsT5RanY3SwPAE3zDRICN4i37bjubil9Tu7uiPP-oRdIN_xaelA==
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
Tab-a4-NotSelected.gif
www.moneydj.com/kmdj/App_Themes/Gold/KKImages/ 		590 B
791 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/kmdj/App_Themes/Gold/KKImages/Tab-a4-NotSelected.gif
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
678ce45478f188e2c37f414d0b1d92946f4aca2ac58666dd051edf06f2808fb4

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; _td=1301c142-2838-45f2-9635-1750f164c1eb; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d; __gads=ID=8e627a0e13d8b92a-22a022dff5c700b4:T=1619576286:S=ALNI_MYf9XjSbFA35uroDWBs9iXMHmmDeQ
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:05 GMT
Cache-Control
max-age=604800
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Accept-Ranges
bytes
Content-Length
590
Content-Type
image/gif
Tab-a4-Select.gif
www.moneydj.com/kmdj/App_Themes/Gold/KKImages/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/kmdj/App_Themes/Gold/KKImages/Tab-a4-Select.gif
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
cf45de7001e972de07f1467c916648af3011c3f8fef529995136b311d3e07ccc

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; _td=1301c142-2838-45f2-9635-1750f164c1eb; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d; __gads=ID=8e627a0e13d8b92a-22a022dff5c700b4:T=1619576286:S=ALNI_MYf9XjSbFA35uroDWBs9iXMHmmDeQ
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/App_Themes/Gold/NewDetault.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:06 GMT
Cache-Control
max-age=604800
Last-Modified
Thu, 04 Jul 2019 08:49:56 GMT
Accept-Ranges
bytes
Content-Length
1512
Content-Type
image/gif
cm
c.holmesmind.com/ Frame 7D28
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
clear
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Wed, 28 Apr 2021 02:18:06 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
clear
content-type
text/html; charset=UTF-8
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 7293 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
72c07f7143a03da5c551e7f27b38e6283adde0977d9627c49b1ac862372b6eb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"855 / 912 of 1000 / last-modified: 1619561335"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21058
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:06 GMT
cookie.js
partner.googleadservices.com/gampad/ 		12 B
100 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.moneydj.com&callback=_gfp_s_&client=ca-pub-7492323758213965&cookie=ID%3D8e627a0e13d8b92a-22a022dff5c700b4%3AT%3D1619576286%3AS%3DALNI_MYf9XjSbFA35uroDWBs9iXMHmmDeQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7492323758213965&plah=www.moneydj.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.moneydj.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7492323758213965&plah=www.moneydj.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.moneydj.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7492323758213965&plah=www.moneydj.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 557D 		13 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=250&slotname=3056157929&adk=2064055290&adf=1690199770&pi=t.ma~as.3056157929&w=300&lmt=1619576286&psa=0&format=300x250&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576286558&bpp=6&bdt=7905&idt=114&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e627a0e13d8b92a-22a022dff5c700b4%3AT%3D1619576286%3AS%3DALNI_MYf9XjSbFA35uroDWBs9iXMHmmDeQ&correlator=4570452623641&frm=20&pv=2&ga_vid=2084249410.1619576283&ga_sid=1619576283&ga_hid=2053972232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431&oid=2&pvsid=2016457015839363&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZSWUThv7xe&p=https%3A//www.moneydj.com&dtd=135
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7492323758213965&plah=www.moneydj.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
747c1f5556fe683bd026a59f3c1656a97e9a415c43ff50cd6f33a8a020f9d354
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7492323758213965&output=html&h=250&slotname=3056157929&adk=2064055290&adf=1690199770&pi=t.ma~as.3056157929&w=300&lmt=1619576286&psa=0&format=300x250&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576286558&bpp=6&bdt=7905&idt=114&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e627a0e13d8b92a-22a022dff5c700b4%3AT%3D1619576286%3AS%3DALNI_MYf9XjSbFA35uroDWBs9iXMHmmDeQ&correlator=4570452623641&frm=20&pv=2&ga_vid=2084249410.1619576283&ga_sid=1619576283&ga_hid=2053972232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431&oid=2&pvsid=2016457015839363&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZSWUThv7xe&p=https%3A//www.moneydj.com&dtd=135
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.moneydj.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl2K6qdZd-6sBZzI4BZyI_VHSgoKeHJWTbNvgpzGZq10jI0ZPgp166k3R2fn5o
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.moneydj.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 28 Apr 2021 02:18:06 GMT
server
cafe
content-length
6700
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ Frame 77A3 		12 B
97 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.moneydj.com&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D8e627a0e13d8b92a-22a022dff5c700b4%3AT%3D1619576286%3AS%3DALNI_MYf9XjSbFA35uroDWBs9iXMHmmDeQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=www.moneydj.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 77A3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.moneydj.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=www.moneydj.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 77A3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.moneydj.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=www.moneydj.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
CF-300x250_NewsRight.html
adx.doublemax.net/image/creative/20200320/Turn/ Frame 8031
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=7595289909%2F10623&adk=994438583&adf=816031646&pi=t.ma~as.7595289909%2F10623&w=300&url=https...
  • https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x250_NewsRight.html
529 B
852 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x250_NewsRight.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=www.moneydj.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-61.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cfe6fccef40dcb018b0ee80a531aa8df0534a53bdc707eaf9dda3587f2dffb47

Request headers

:method
GET
:authority
adx.doublemax.net
:scheme
https
:path
/image/creative/20200320/Turn/CF-300x250_NewsRight.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.moneydj.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.moneydj.com/

Response headers

content-type
text/html
content-length
529
last-modified
Fri, 20 Mar 2020 01:48:09 GMT
accept-ranges
bytes
server
AmazonS3
date
Wed, 28 Apr 2021 02:06:53 GMT
etag
"30c7a7f3c1a357949264d7320c056c74"
x-cache
Hit from cloudfront
via
1.1 d5cf9e2604452e6d04db24c2381f245d.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
EUfgZP9mbXah6XS2lon0m1oT_dOc1txUznwtB5kp9lR-Qe64SEXLEQ==
age
674

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x250_NewsRight.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 28 Apr 2021 02:18:06 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 77A3 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=www.moneydj.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188783439141"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28201
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:06 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 76B4 		54 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&adk=1812271804&adf=3025194257&lmt=1619576286&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576286565&bpp=1&bdt=7912&idt=172&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e627a0e13d8b92a-22a022dff5c700b4%3AT%3D1619576286%3AS%3DALNI_MYf9XjSbFA35uroDWBs9iXMHmmDeQ&prev_fmts=300x250&nras=1&correlator=4570452623641&frm=20&pv=1&ga_vid=2084249410.1619576283&ga_sid=1619576283&ga_hid=2053972232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431&oid=2&pvsid=2016457015839363&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&dtd=180
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7492323758213965&plah=www.moneydj.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7492323758213965&output=html&adk=1812271804&adf=3025194257&lmt=1619576286&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576286565&bpp=1&bdt=7912&idt=172&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e627a0e13d8b92a-22a022dff5c700b4%3AT%3D1619576286%3AS%3DALNI_MYf9XjSbFA35uroDWBs9iXMHmmDeQ&prev_fmts=300x250&nras=1&correlator=4570452623641&frm=20&pv=1&ga_vid=2084249410.1619576283&ga_sid=1619576283&ga_hid=2053972232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431&oid=2&pvsid=2016457015839363&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&dtd=180
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.moneydj.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl2K6qdZd-6sBZzI4BZyI_VHSgoKeHJWTbNvgpzGZq10jI0ZPgp166k3R2fn5o
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.moneydj.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 28 Apr 2021 02:18:06 GMT
server
cafe
content-length
34
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
FundDataSvc.axd
www.moneydj.com/InfoSvc/ 		2 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/InfoSvc/FundDataSvc.axd?a=FindFundBySubject
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Sec-Fetch-Mode
cors
Origin
https://www.moneydj.com
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; _td=1301c142-2838-45f2-9635-1750f164c1eb; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d; __gads=ID=8e627a0e13d8b92a-22a022dff5c700b4:T=1619576286:S=ALNI_MYf9XjSbFA35uroDWBs9iXMHmmDeQ
Connection
keep-alive
Content-Length
45
Pragma
no-cache
Host
www.moneydj.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
*/*
Cache-Control
no-cache
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Sec-Fetch-Site
same-origin
Accept
*/*
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 28 Apr 2021 02:18:06 GMT
Content-Encoding
gzip
Cache-Control
private
Content-Length
122
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
view
securepubads.g.doubleclick.net/pcs/ Frame 0A9A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5tZVytnP6QMcxJ6ok4GfYiMb_M1GCgn4GaAgIvCpzRt1fHwdYVr_ckEpAbgfp-vfYMm-l5YXUOKMhb5BImLFfQhl9A4Tz5NuIYy5VzX0Vq7nDiHf-8FRST-jhbwv4UwdjlBNTGcrX33n7MgH7k7aT3WJ2LFQv1VARcE84C8JMkxeVXp8Hm-ZsiKQB7MePlBSHD32KKPnrv82ETIuFE32YkI_GVnCHikYUDGqP9u3HI8GMRi29OAJEshisCXdYp5DKyltSOmPpE0pdGnppgNjubmQBfFrxuW1xPAPvGWejjQCWsaLphq3-&sai=AMfl-YReCNdyZl3hdTvw_BEeWSgOZ4wCa9o-xmVEmiPFDf7ZxNX5OO6tZcB9sL4n4gTFwiS2ewJgAA64qCkQSHcEZ5a-Z6YuQsmV582sF5Yn3FSfC2fkJWHDI8ByM3NWCtY&sig=Cg0ArKJSzI1CK1DbKRrcEAE&urlfix=1&adurl=
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 0A9A 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c166e077dce4fadadfc17e500c1b9787a6108a9d069b8be8c46af91c5895926c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33110
x-xss-protection
0
server
cafe
etag
16988071292998022746
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 28 Apr 2021 02:18:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0A9A 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:06 GMT
ads.js
ad.holmesmind.com/adserver/ Frame 2C50 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=10846&rf=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200519%2FTurn%2FCF-160X600_NewsLeftTop.html&n=899&o=1&d=1&b=2&ts=1&ii=2&FPCK=4719-gXjatrmLwiHBhnKTbhIjU8unRkqnk6Tm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.71.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2de48caeca325336758b4c67ad25d2995d7f2dc0251b0613effa99b0afc23660

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://adx.doublemax.net
date
Wed, 28 Apr 2021 02:18:07 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
banner-cfnetwork.cdn.hinet.net/js/ Frame 2C50 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.61.218.12 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:07 GMT
via
1.1 361dd7903f81f9843925fcf6d0c05bbd.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
HiNetCDN/2104
x-amz-cf-pop
TPE50-C1
etag
W/"6a605eea47197fa280f27aaf1fa1521d"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
content-encoding
br
x-amz-cf-id
UQNiqPBWnRuQfDx3sr03lIOQesLTwTc_KRyCvZpR5VhXT1mbgIDLtA==
x-request-id
221bdcdccde4c951061c34c0e1595cac
publishertag.js
static.criteo.net/js/ld/ Frame 2C50 		114 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:29 GMT
server
nginx
etag
W/"605322dd-1c9d1"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Apr 2021 02:18:06 GMT
criteoV2.js
banner-cfnetwork.cdn.hinet.net/js/ Frame 2C50 		2 KB
958 B 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.61.218.12 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:07 GMT
via
1.1 8c13747cfbdbd8f1bb0156074cd7a969.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
HiNetCDN/2104
x-amz-cf-pop
TPE51-C1
etag
W/"e8f33fcb581483ced4a09b3c8e7550e4"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
content-encoding
br
x-amz-cf-id
rlBygXvBQz1HjKV-NsXIG5SvZU-iXfqLHN7c8hZR3dmQ4B43Ncp9kw==
x-request-id
323bb8c202ba46d79006ec83b94556d6
bridgewellV3.js
banner-cfnetwork.cdn.hinet.net/js/ Frame 2C50 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.61.218.12 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:07 GMT
via
1.1 7570f485f03bad71f82f7f4b41147dca.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
HiNetCDN/2104
age
33
etag
W/"c3b948e5a48dd0ec20c265d6d8da7add"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
x-amz-cf-pop
TPE50-C1
content-encoding
br
x-amz-cf-id
fBVlmi_Lk4RyKAPJ-YafAvr9YuajbTUhDwf-cCshSWqu_bJFgQz9_Q==
x-request-id
42a08f4b05f6a7cbcd7e1191d91228e0
appierV2.js
banner-cfnetwork.cdn.hinet.net/js/ Frame 2C50 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.61.218.12 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:07 GMT
via
1.1 b1e98d6f23bf8312e5a34847053352cc.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
HiNetCDN/2104
age
34
etag
W/"548ed610a8571343fb3022f543174735"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
x-amz-cf-pop
TPE51-C1
content-encoding
br
x-amz-cf-id
V6DshkijstfzesKZiYE1BOrWSfu178pAdlqpDZX13PSY4PfN0hqF8w==
x-request-id
ddabb932246ae759b966ace9ad5cf64d
pubads_impl_2021042201.js
securepubads.g.doubleclick.net/gpt/ Frame 7293 		301 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
f9f40e5aa6d80e385e5c15593748db7bfb50fd07cc45c8239a6fad053f63affe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 08:39:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108299
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:06 GMT
OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 2B05 		400 B
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c9ed5a40db72%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff1a67a8d298d46c%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
MNNOaYJZSLPjY2kHjqhk5UAwMuquxlkQI94z7SsvsV2udKsSmjm69owjpy1qwtiRcyKFKFpr19PtmreXrvLAZQ==
x-fb-trip-id
512678718
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
uF0RL4E+h23ClLQmPOTTMw==
date
Wed, 28 Apr 2021 02:18:06 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
400
x-fb-rlafr
0
expires
Wed, 20 Apr 2022 21:39:51 GMT
eqb-ZNc2NGv.js
static.xx.fbcdn.net/rsrc.php/v3iUNC4/yq/l/zh_TW/ Frame 2B05 		483 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iUNC4/yq/l/zh_TW/eqb-ZNc2NGv.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c9ed5a40db72%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff1a67a8d298d46c%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5d165beda02be992179d5c91a58e16cac29e5060d8e8bd477ea5dc67bcff9a78
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
XwJmHjvzygg3/8WCaBaY3A==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
127881
x-fb-rlafr
0
x-fb-debug
q1rF6fOE3xAOl//xNbDvihFZow/Ms6VOLcsksNdEfZ/fkWdV6PFJv+KnRaHk5PVGVCJ3t0/izmsxP9Zi/n+mkw==
x-fb-trip-id
512678718
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 27 Apr 2022 19:10:36 GMT
OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 36FB 		400 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df38ffeba3cc7848%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff1a67a8d298d46c%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
MNNOaYJZSLPjY2kHjqhk5UAwMuquxlkQI94z7SsvsV2udKsSmjm69owjpy1qwtiRcyKFKFpr19PtmreXrvLAZQ==
x-fb-trip-id
512678718
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
uF0RL4E+h23ClLQmPOTTMw==
date
Wed, 28 Apr 2021 02:18:06 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
400
x-fb-rlafr
0
expires
Wed, 20 Apr 2022 21:39:51 GMT
eqb-ZNc2NGv.js
static.xx.fbcdn.net/rsrc.php/v3iUNC4/yq/l/zh_TW/ Frame 36FB 		483 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iUNC4/yq/l/zh_TW/eqb-ZNc2NGv.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df38ffeba3cc7848%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff1a67a8d298d46c%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5d165beda02be992179d5c91a58e16cac29e5060d8e8bd477ea5dc67bcff9a78
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
XwJmHjvzygg3/8WCaBaY3A==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
127881
x-fb-rlafr
0
x-fb-debug
q1rF6fOE3xAOl//xNbDvihFZow/Ms6VOLcsksNdEfZ/fkWdV6PFJv+KnRaHk5PVGVCJ3t0/izmsxP9Zi/n+mkw==
x-fb-trip-id
512678718
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 27 Apr 2022 19:10:36 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/ Frame 0A9A 		223 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=www.moneydj.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e5d13a315184e4cc69d5c495682f8e5539478b0f7331165dc63e9aa4f224add0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84531
x-xss-protection
0
server
cafe
etag
5298758904806933499
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 28 Apr 2021 02:18:06 GMT
truncated
/ Frame 0A9A 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b73762e762ff3bb41cb8231a748b2f39a6afe7edd901ec59dd01861740e9021f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
syncframe
gum.criteo.com/ Frame C12B 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.moneydj.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.moneydj.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adx.doublemax.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adx.doublemax.net/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
3529
date
Wed, 28 Apr 2021 02:18:06 GMT
content-length
0
Icon16_Login.gif
www.moneydj.com/kmdj/images/ 		617 B
818 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/kmdj/images/Icon16_Login.gif
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
76159081594b856452bd30f7a7611819904ae6b4071699100f42826c7fa34979

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; _td=1301c142-2838-45f2-9635-1750f164c1eb; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d; __gads=ID=636f531debce5ec9-222cf11af6c700cb:T=1619576286:S=ALNI_Map1PwTlEo_agR8WTxWbSTqkgKFpQ
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:06 GMT
Cache-Control
max-age=604800
Last-Modified
Thu, 04 Jul 2019 08:49:57 GMT
Accept-Ranges
bytes
Content-Length
617
Content-Type
image/gif
integrator.js
adservice.google.ch/adsid/ Frame 7293 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7293 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 7293 		330 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3483997981303564&correlator=1903394703256739&output=ldjh&impl=fifs&eid=31060788%2C31060825&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cdm=cdn.aralego.net&bc=31&abxe=1&lmt=1597133702&dt=1619576286940&dlt=1619576286634&idt=297&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=64515409&ucis=ecqqklvu3gyx&ifi=1&ifk=923963767&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2Fcht_cookieSyncIframe.html&ref=https%3A%2F%2Fadx.doublemax.net%2F&top=https%3A%2F%2Fadx.doublemax.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=2081469043.1619576287&ga_sid=1619576287&ga_hid=2146073552&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
7c54b6fc015309c76cff26e2b6147b9ff0371042858fc7636c527b1a3e39f88b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fc386651256b78a5c9b2e79466c235fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7293 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://fc386651256b78a5c9b2e79466c235fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 7293 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adlogs
in.treasuredata.com/js/v3/event/popin_ads/ 		89 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1619576286997&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwidGltZV9zaG93X3NlY29uZHMiOjIsInJlcXVlc3RfYWQiOjEwLCJyZXNwb25zZV9hZCI6MTAsInNtamFkIjowLCJhZiI6IiIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoid3d3Lm1vbmV5ZGouY29tIiwidXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPThhOTc3ODQ3LTk3MGItNDhiMi1iMTg4LWZiZjEwYjFiMjEyOCIsImxvZ2lkIjoiNDlhMDE1NTEtZDIwOS00MmRkLWJjMTItMGU1ZGVjOTk1OWRmIiwidWlkIjoiZGIwMjExYTgwOGQ2Y2IyNGJlMDE2MTk1NjkwODU0NTQiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIxMzAxYzE0Mi0yODM4LTQ1ZjItOTYzNS0xNzUwZjE2NGMxZWIiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5paw5Yqg5Z2h6IiH5p%2BQ5Lqb5ZyL5a625ZCI5L2c5bu656uL5Y%2Bv6YCj5o6l6Zu75a2Q5LuY5qy%2B57O757Wx77yM5Lim5o6i6KiO5pyq5L6G5bu656uL5aSa6YKK6Leo5aKD5LuY5qy%2B57O757WxIiwidGRfdXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPThhOTc3ODQ3LTk3MGItNDhiMi1iMTg4LWZiZjEwYjFiMjEyOCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJ3d3cubW9uZXlkai5jb20iLCJ0ZF9wYXRoIjoiL2ttZGovbmV3cy9uZXdzdmlld2VyLmFzcHgiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoidGRfaXAiLCJ0ZF9icm93c2VyIjoidGRfYnJvd3NlciIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6InRkX2Jyb3dzZXJfdmVyc2lvbiIsInRkX29zIjoidGRfb3MiLCJ0ZF9vc192ZXJzaW9uIjoidGRfb3NfdmVyc2lvbiIsImNsaWVudF9pZCI6IjEzMDFjMTQyLTI4MzgtNDVmMi05NjM1LTE3NTBmMTY0YzFlYiIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwiY2F0ZWdvcnkiOiLmnIDmlrDpoK3mop3mlrDogZ4iLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0%3D&callback=TreasureJSONPCallback0
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.48.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Connection
keep-alive
P3P
CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date
Wed, 28 Apr 2021 02:18:07 GMT
Content-Length
89
Content-Type
application/javascript
adlogs
log.popin.cc/log/popin_ads/ 		66 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwidGltZV9zaG93X3NlY29uZHMiOjIsInJlcXVlc3RfYWQiOjEwLCJyZXNwb25zZV9hZCI6MTAsInNtamFkIjowLCJhZiI6IiIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoid3d3Lm1vbmV5ZGouY29tIiwidXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPThhOTc3ODQ3LTk3MGItNDhiMi1iMTg4LWZiZjEwYjFiMjEyOCIsImxvZ2lkIjoiNDlhMDE1NTEtZDIwOS00MmRkLWJjMTItMGU1ZGVjOTk1OWRmIiwidWlkIjoiZGIwMjExYTgwOGQ2Y2IyNGJlMDE2MTk1NjkwODU0NTQiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIxMzAxYzE0Mi0yODM4LTQ1ZjItOTYzNS0xNzUwZjE2NGMxZWIiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5paw5Yqg5Z2h6IiH5p+Q5Lqb5ZyL5a625ZCI5L2c5bu656uL5Y+v6YCj5o6l6Zu75a2Q5LuY5qy+57O757Wx77yM5Lim5o6i6KiO5pyq5L6G5bu656uL5aSa6YKK6Leo5aKD5LuY5qy+57O757WxIiwidGRfdXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPThhOTc3ODQ3LTk3MGItNDhiMi1iMTg4LWZiZjEwYjFiMjEyOCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJ3d3cubW9uZXlkai5jb20iLCJ0ZF9wYXRoIjoiL2ttZGovbmV3cy9uZXdzdmlld2VyLmFzcHgiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiI4OS4wLjQzODkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiMTMwMWMxNDItMjgzOC00NWYyLTk2MzUtMTc1MGYxNjRjMWViIiwiY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJjYXRlZ29yeSI6IuacgOaWsOmgreaineaWsOiBniIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1619576286999
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:08 GMT
Last-Modified
Mon, 07 Jan 2019 09:48:08 GMT
Server
nginx/1.13.5
ETag
"5c332058-42"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66
s.gif
r.popin.cc/ 		35 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&uid=db0211a808d6cb24be01619569085454&type=pc_pv&nid=pc&media=www.moneydj.com&r5=ca_%E6%9C%80%E6%96%B0%E9%A0%AD%E6%A2%9D%E6%96%B0%E8%81%9E&t=1619576286999&tz=tw
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:08 GMT
Last-Modified
Tue, 10 Sep 2019 08:00:09 GMT
Server
nginx
ETag
"5d775809-23"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoid3d3Lm1vbmV5ZGouY29tIiwidXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPThhOTc3ODQ3LTk3MGItNDhiMi1iMTg4LWZiZjEwYjFiMjEyOCIsImxvZ2lkIjoiNDlhMDE1NTEtZDIwOS00MmRkLWJjMTItMGU1ZGVjOTk1OWRmIiwidWlkIjoiZGIwMjExYTgwOGQ2Y2IyNGJlMDE2MTk1NjkwODU0NTQiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIxMzAxYzE0Mi0yODM4LTQ1ZjItOTYzNS0xNzUwZjE2NGMxZWIiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5paw5Yqg5Z2h6IiH5p+Q5Lqb5ZyL5a625ZCI5L2c5bu656uL5Y+v6YCj5o6l6Zu75a2Q5LuY5qy+57O757Wx77yM5Lim5o6i6KiO5pyq5L6G5bu656uL5aSa6YKK6Leo5aKD5LuY5qy+57O757WxIiwidGRfdXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPThhOTc3ODQ3LTk3MGItNDhiMi1iMTg4LWZiZjEwYjFiMjEyOCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJ3d3cubW9uZXlkai5jb20iLCJ0ZF9wYXRoIjoiL2ttZGovbmV3cy9uZXdzdmlld2VyLmFzcHgiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiI4OS4wLjQzODkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiMTMwMWMxNDItMjgzOC00NWYyLTk2MzUtMTc1MGYxNjRjMWViIiwiY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJjYXRlZ29yeSI6IuacgOaWsOmgreaineaWsOiBniIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1619576286999
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:08 GMT
Last-Modified
Thu, 13 Dec 2018 07:19:53 GMT
Server
nginx/1.13.5
ETag
"5c120819-42"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66
other
inrecsys.popin.cc/PopinService/Logs/ 		0
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inrecsys.popin.cc/PopinService/Logs/other?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIxMzAxYzE0Mi0yODM4LTQ1ZjItOTYzNS0xNzUwZjE2NGMxZWIiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5paw5Yqg5Z2h6IiH5p+Q5Lqb5ZyL5a625ZCI5L2c5bu656uL5Y+v6YCj5o6l6Zu75a2Q5LuY5qy+57O757Wx77yM5Lim5o6i6KiO5pyq5L6G5bu656uL5aSa6YKK6Leo5aKD5LuY5qy+57O757WxIiwidGRfdXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPThhOTc3ODQ3LTk3MGItNDhiMi1iMTg4LWZiZjEwYjFiMjEyOCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJ3d3cubW9uZXlkai5jb20iLCJ0ZF9wYXRoIjoiL2ttZGovbmV3cy9uZXdzdmlld2VyLmFzcHgiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoiMTk1LjI0Mi4yMTMuMTEwIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6Ijg5LjAuNDM4OSIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJkaXNoX2NvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwia2V5Ijoia2V5MTYxOTU3NjI4NTQ1NCIsIm5vdyI6MTYxOTU3NjI4Njk5OSwiY2xpZW50X2lkIjoiMTMwMWMxNDItMjgzOC00NWYyLTk2MzUtMTc1MGYxNjRjMWViIiwidXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPThhOTc3ODQ3LTk3MGItNDhiMi1iMTg4LWZiZjEwYjFiMjEyOCIsInVpZCI6ImRiMDIxMWE4MDhkNmNiMjRiZTAxNjE5NTY5MDg1NDU0Iiwic21qSWQiOiIiLCJkZXZpY2UiOiJwYyIsImRpc2hfbWVkaWEiOiJ3d3cubW9uZXlkai5jb20iLCJkaXNoX2NhdGVnb3J5Ijoi5pyA5paw6aCt5qKd5paw6IGeIiwiZGlzaF9kb21haW4iOiJ3d3cubW9uZXlkai5jb20iLCJ2X2Rpc2hfbGFiZWxzIjoi5ZyL6Zqb5riF566X6YqA6KGMLOmHkeiejeeuoeeQhizkuK3lpK7pioDooYws5bmz6Ie6LOWxgOmVtyzovYnluLMs5pW45L2NLOaetuaniyzln7rnpI4s6YCy6KGMLOWxheawkSzpgI/pgY4s55m86KGoLOWgseWRiizmiYDpnIAs5Y2w5bqmLOa0u+WLlSzlrqPluIMs5Lit5b+DLOWFqeWciyzms7DlnIss5ZyL5Lq6LOaPkOS+myzpioDooYws6KGo56S6LOacjeWLmSzlibXmlrAiLCJ2X2Rpc2hfdGxhYmVscyI6IuS7mOasvizns7vntbEs5paw5Yqg5Z2hLOW7uueriyzot6jlooMs5o6i6KiOLOmbu+WtkCzpgKPmjqUs5ZyL5a62LOacquS+hizlkIjkvZwiLCJsb2dpZCI6IjQ5YTAxNTUxLWQyMDktNDJkZC1iYzEyLTBlNWRlYzk5NTlkZiIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkb21haW4iOiJ3d3cubW9uZXlkai5jb20iLCJwb3Bpbl92ZXJzaW9uIjo2fQ==
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.172 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:07 GMT
Content-Length
0
Content-Type
text/plain
s.gif
r.popin.cc/ 		35 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&uid=&type=pc_channel_pv&nid=pc&media=www.moneydj.com&r5=ca_%E6%9C%80%E6%96%B0%E9%A0%AD%E6%A2%9D%E6%96%B0%E8%81%9E|ch_pc&t=1619576287004&tz=tw
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:08 GMT
Last-Modified
Tue, 10 Sep 2019 08:21:36 GMT
Server
nginx
ETag
"5d775d10-23"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJwYyIsImV4cGVjdGVkX2FkIjo0LCJyZW5kZXJlZF9hZCI6NCwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJ3d3cubW9uZXlkai5jb20iLCJ1cmwiOiJodHRwczovL3d3dy5tb25leWRqLmNvbS9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4P2E9OGE5Nzc4NDctOTcwYi00OGIyLWIxODgtZmJmMTBiMWIyMTI4IiwibG9naWQiOiI0OWEwMTU1MS1kMjA5LTQyZGQtYmMxMi0wZTVkZWM5OTU5ZGYiLCJ1aWQiOiJkYjAyMTFhODA4ZDZjYjI0YmUwMTYxOTU2OTA4NTQ1NCIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6IjEzMDFjMTQyLTI4MzgtNDVmMi05NjM1LTE3NTBmMTY0YzFlYiIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLmlrDliqDlnaHoiIfmn5DkupvlnIvlrrblkIjkvZzlu7rnq4vlj6/pgKPmjqXpm7vlrZDku5jmrL7ns7vntbHvvIzkuKbmjqLoqI7mnKrkvoblu7rnq4vlpJrpgorot6jlooPku5jmrL7ns7vntbEiLCJ0ZF91cmwiOiJodHRwczovL3d3dy5tb25leWRqLmNvbS9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4P2E9OGE5Nzc4NDctOTcwYi00OGIyLWIxODgtZmJmMTBiMWIyMTI4IiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6Ind3dy5tb25leWRqLmNvbSIsInRkX3BhdGgiOiIva21kai9uZXdzL25ld3N2aWV3ZXIuYXNweCIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6Ijg5LjAuNDM4OSIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiIxMzAxYzE0Mi0yODM4LTQ1ZjItOTYzNS0xNzUwZjE2NGMxZWIiLCJjb21tb25fY2F0ZWdvcnkiOiJidXNpbmVzcyIsImNhdGVnb3J5Ijoi5pyA5paw6aCt5qKd5paw6IGeIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1619576287004
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:08 GMT
Last-Modified
Thu, 13 Dec 2018 07:19:53 GMT
Server
nginx/1.13.5
ETag
"5c120819-42"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66
log.gif
r.popin.cc/ 		35 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/log.gif?type=related-tw&uid=db0211a808d6cb24be01619569085454&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&t=1619576287005
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:08 GMT
Last-Modified
Thu, 29 Aug 2019 01:59:39 GMT
Server
nginx
ETag
"5d67318b-23"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
logo.png
api.popin.cc/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.popin.cc/images/logo.png
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.139 Torrance, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE6) /
Resource Hash
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:07 GMT
last-modified
Tue, 02 Apr 2019 12:00:56 GMT
server
ECS (mil/6CE6)
age
364849
etag
"b10c5c3579ba2dba39fd2804188dc3f1"
x-cache
HIT
content-type
image/png
x-amz-request-id
EH7FCHQE72TM546E
x-amz-version-id
null
accept-ranges
bytes
content-length
2316
x-amz-id-2
3ziTc2uvXD/qN/9/5ygbHxTmQ7phXnlwtCOccSF9wBl7rY2zr7rPf16a+Vj/sqbFEKSWNhdU7ls=
cavalry_endpoint.php
www.facebook.com/common/ Frame 2B05 		67 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1619576286796&t_start=1619576286796&t_domcontent=1619576286824&t_layout=1619576287035&t_onload=1619576287035&t_paint=1619576287035&t_creport=1619576287035&t_tti=1619576286824&lid=6956027182735509507-0
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c9ed5a40db72%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff1a67a8d298d46c%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
br
x-content-type-options
nosniff
x-xss-protection
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
6I2GQeipZABWSeMqI1CUHMImgLO70q0lkNDLwsQCWZLGzdAFJXqnMwKxQw+KM5Yq99KSSza7pypcNvp+bAxi6Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 28 Apr 2021 02:18:07 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8A74 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjh85qQMFOySgUMGIrj9YTzeGG0D_-obg7yEMepIpI4mRYAHrlAhF6BOLirACP0DUV3e2Ytyb7qRFIeNbh5WAOy3yJ6m7Nv1i7tNFYPwi2XRuDPLckXOlFi5VYQm-FMK8ilnGkBLqdz-FjI4PBefaBem0Y1VdfT_gOiDPLxRQ29oxz6ZVpvD2ia0xYWM3CtHKhnh5iRQQWNM9xaV3E81ahOBnlpxXOXWUxbEkzUNRFM86L5-mi1Afa331syXvvbahopRW2z3UACG8HFFmpyo9ZjCO704vQbW2lct7m4Ln2UjS3PutQttGg-w&sai=AMfl-YQu0KfcmzloOEtwCCqRMDnzMLFWrSGvu6U0vurABp3Gli8WGm6bD_w10YnaKBTrNUSMjdSfDyGguf96tuUE81N5Crj-Gq84LoWmMJf9-PV3q2LPjzJq5po2bHxzbe4&sig=Cg0ArKJSzH3hGIsYYkKDEAE&urlfix=1&adurl=
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 8A74 		133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76f4a23d06a4eb1629942669ac3e1b864baf7a756fe52b25fd6ccc243448cb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48376
x-xss-protection
0
server
cafe
etag
7770477186257580779
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 28 Apr 2021 02:18:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8A74 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:07 GMT
s.gif
r.popin.cc/ 		35 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&uid=db0211a808d6cb24be01619569085454&type=pc_inview&nid=pc&media=www.moneydj.com&r5=ca_%E6%9C%80%E6%96%B0%E9%A0%AD%E6%A2%9D%E6%96%B0%E8%81%9E&t=1619576287053&tz=tw
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:08 GMT
Last-Modified
Thu, 29 Aug 2019 01:59:39 GMT
Server
nginx
ETag
"5d67318b-23"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjMsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoid3d3Lm1vbmV5ZGouY29tIiwidXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPThhOTc3ODQ3LTk3MGItNDhiMi1iMTg4LWZiZjEwYjFiMjEyOCIsImxvZ2lkIjoiNDlhMDE1NTEtZDIwOS00MmRkLWJjMTItMGU1ZGVjOTk1OWRmIiwidWlkIjoiZGIwMjExYTgwOGQ2Y2IyNGJlMDE2MTk1NjkwODU0NTQiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIxMzAxYzE0Mi0yODM4LTQ1ZjItOTYzNS0xNzUwZjE2NGMxZWIiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5paw5Yqg5Z2h6IiH5p+Q5Lqb5ZyL5a625ZCI5L2c5bu656uL5Y+v6YCj5o6l6Zu75a2Q5LuY5qy+57O757Wx77yM5Lim5o6i6KiO5pyq5L6G5bu656uL5aSa6YKK6Leo5aKD5LuY5qy+57O757WxIiwidGRfdXJsIjoiaHR0cHM6Ly93d3cubW9uZXlkai5jb20va21kai9uZXdzL25ld3N2aWV3ZXIuYXNweD9hPThhOTc3ODQ3LTk3MGItNDhiMi1iMTg4LWZiZjEwYjFiMjEyOCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJ3d3cubW9uZXlkai5jb20iLCJ0ZF9wYXRoIjoiL2ttZGovbmV3cy9uZXdzdmlld2VyLmFzcHgiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiI4OS4wLjQzODkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiMTMwMWMxNDItMjgzOC00NWYyLTk2MzUtMTc1MGYxNjRjMWViIiwiY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJjYXRlZ29yeSI6IuacgOaWsOmgreaineaWsOiBniIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1619576287053
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:08 GMT
Last-Modified
Thu, 13 Dec 2018 07:19:53 GMT
Server
nginx/1.13.5
ETag
"5c120819-42"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjUsImNoYW5uZWxfaWQiOiJwYyIsImJveF9wb3NpdGlvbiI6ImJvdHRvbV9sZWZ0IiwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJ3d3cubW9uZXlkai5jb20iLCJ1cmwiOiJodHRwczovL3d3dy5tb25leWRqLmNvbS9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4P2E9OGE5Nzc4NDctOTcwYi00OGIyLWIxODgtZmJmMTBiMWIyMTI4IiwibG9naWQiOiI0OWEwMTU1MS1kMjA5LTQyZGQtYmMxMi0wZTVkZWM5OTU5ZGYiLCJ1aWQiOiJkYjAyMTFhODA4ZDZjYjI0YmUwMTYxOTU2OTA4NTQ1NCIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6IjEzMDFjMTQyLTI4MzgtNDVmMi05NjM1LTE3NTBmMTY0YzFlYiIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLmlrDliqDlnaHoiIfmn5DkupvlnIvlrrblkIjkvZzlu7rnq4vlj6/pgKPmjqXpm7vlrZDku5jmrL7ns7vntbHvvIzkuKbmjqLoqI7mnKrkvoblu7rnq4vlpJrpgorot6jlooPku5jmrL7ns7vntbEiLCJ0ZF91cmwiOiJodHRwczovL3d3dy5tb25leWRqLmNvbS9rbWRqL25ld3MvbmV3c3ZpZXdlci5hc3B4P2E9OGE5Nzc4NDctOTcwYi00OGIyLWIxODgtZmJmMTBiMWIyMTI4IiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6Ind3dy5tb25leWRqLmNvbSIsInRkX3BhdGgiOiIva21kai9uZXdzL25ld3N2aWV3ZXIuYXNweCIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6Ijg5LjAuNDM4OSIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiIxMzAxYzE0Mi0yODM4LTQ1ZjItOTYzNS0xNzUwZjE2NGMxZWIiLCJjb21tb25fY2F0ZWdvcnkiOiJidXNpbmVzcyIsImNhdGVnb3J5Ijoi5pyA5paw6aCt5qKd5paw6IGeIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1619576287054
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:08 GMT
Last-Modified
Mon, 07 Jan 2019 09:48:08 GMT
Server
nginx/1.13.5
ETag
"5c332058-42"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66
s.gif
r.popin.cc/ 		35 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&uid=&type=pc_channel_inview&nid=pc&media=www.moneydj.com&r5=ca_%E6%9C%80%E6%96%B0%E9%A0%AD%E6%A2%9D%E6%96%B0%E8%81%9E|ch_pc&t=1619576287054&tz=tw
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:08 GMT
Last-Modified
Tue, 10 Sep 2019 08:00:09 GMT
Server
nginx
ETag
"5d775809-23"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
activeview
pagead2.googlesyndication.com/pcs/ Frame B120 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuaAqss5BLEXqipVlZq_W9W2zWLyhy7xZDpetiBxRfHYaBdSURUb11tT5OTIz7Etp82Qp5t4oDnvxpjV7FubIYqajGuOIkWrVSOPeLLs4w&sig=Cg0ArKJSzBYYyH_628ioEAE&id=lidar2&mcvt=1030&p=590,16,1190,176&mtos=1030,1030,1030,1030,1030&tos=1030,0,0,0,0&v=20210423&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=492727391&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1619576284667&dlt=64&rpt=2&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 0A9A 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.moneydj.com&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D20a3dbcfdaf52438-22090e1ef6c7006a%3AT%3D1619576286%3AS%3DALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=www.moneydj.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 0A9A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.moneydj.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=www.moneydj.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0A9A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.moneydj.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=www.moneydj.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
CF-300x600_NewsRightDown.html
adx.doublemax.net/image/creative/20200320/Turn/ Frame E413
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=600&slotname=7595289909%2F10624&adk=5587611&adf=272530241&pi=t.ma~as.7595289909%2F10624&w=300&url=https%3...
  • https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
530 B
847 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=www.moneydj.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-61.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe41f351e5df8307d5a944c96a807067a3d1d8a82af0adde0994796f9713a5b1

Request headers

:method
GET
:authority
adx.doublemax.net
:scheme
https
:path
/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.moneydj.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.moneydj.com/

Response headers

content-type
text/html
content-length
530
date
Wed, 28 Apr 2021 02:18:08 GMT
last-modified
Fri, 20 Mar 2020 01:48:09 GMT
etag
"a31111aafa063495b5e276e877af30b2"
accept-ranges
bytes
server
AmazonS3
x-cache
Miss from cloudfront
via
1.1 d5cf9e2604452e6d04db24c2381f245d.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
pnCp-3wQM3AjEoKmQXoDhBiiR3N--G5UK_K0xdwjsHGlXfx0GWuaEg==

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 28 Apr 2021 02:18:07 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 0A9A 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=www.moneydj.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188783439141"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28201
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:07 GMT
cavalry_endpoint.php
www.facebook.com/common/ Frame 36FB 		67 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1619576286799&t_start=1619576286799&t_domcontent=1619576286829&t_layout=1619576287109&t_onload=1619576287109&t_paint=1619576287109&t_creport=1619576287109&t_tti=1619576286829&lid=6956027182846400507-0
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?app_id=122887437721589&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df38ffeba3cc7848%26domain%3Dwww.moneydj.com%26origin%3Dhttps%253A%252F%252Fwww.moneydj.com%252Ff1a67a8d298d46c%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&locale=zh_TW&sdk=joey&send=true&show_faces=false&width=400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
br
x-content-type-options
nosniff
x-xss-protection
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
Of6oqmm4cr24imic0smYIlVOYaoDKoN67Li0g1T0ZJrfSi2hRgAj78rVqIsxKDgkKK3JApVP7u546WThNBH6XQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 28 Apr 2021 02:18:07 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 557D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=250&slotname=3056157929&adk=2064055290&adf=1690199770&pi=t.ma~as.3056157929&w=300&lmt=1619576286&psa=0&format=300x250&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576286558&bpp=6&bdt=7905&idt=114&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e627a0e13d8b92a-22a022dff5c700b4%3AT%3D1619576286%3AS%3DALNI_MYf9XjSbFA35uroDWBs9iXMHmmDeQ&correlator=4570452623641&frm=20&pv=2&ga_vid=2084249410.1619576283&ga_sid=1619576283&ga_hid=2053972232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431&oid=2&pvsid=2016457015839363&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZSWUThv7xe&p=https%3A//www.moneydj.com&dtd=135
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 01:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 01:48:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 557D 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=250&slotname=3056157929&adk=2064055290&adf=1690199770&pi=t.ma~as.3056157929&w=300&lmt=1619576286&psa=0&format=300x250&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576286558&bpp=6&bdt=7905&idt=114&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e627a0e13d8b92a-22a022dff5c700b4%3AT%3D1619576286%3AS%3DALNI_MYf9XjSbFA35uroDWBs9iXMHmmDeQ&correlator=4570452623641&frm=20&pv=2&ga_vid=2084249410.1619576283&ga_sid=1619576283&ga_hid=2053972232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431&oid=2&pvsid=2016457015839363&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZSWUThv7xe&p=https%3A//www.moneydj.com&dtd=135
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 557D 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=250&slotname=3056157929&adk=2064055290&adf=1690199770&pi=t.ma~as.3056157929&w=300&lmt=1619576286&psa=0&format=300x250&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576286558&bpp=6&bdt=7905&idt=114&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e627a0e13d8b92a-22a022dff5c700b4%3AT%3D1619576286%3AS%3DALNI_MYf9XjSbFA35uroDWBs9iXMHmmDeQ&correlator=4570452623641&frm=20&pv=2&ga_vid=2084249410.1619576283&ga_sid=1619576283&ga_hid=2053972232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431&oid=2&pvsid=2016457015839363&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZSWUThv7xe&p=https%3A//www.moneydj.com&dtd=135
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 01:41:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2189
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 01:41:38 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 557D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C6cKL3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8AFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInaaLL2Y45YrK2cEPojf3CcVsOeABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwBshcYChYSFHB1Yi03NDkyMzIzNzU4MjEzOTY1&sigh=wrOFlUvrnMo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=250&slotname=3056157929&adk=2064055290&adf=1690199770&pi=t.ma~as.3056157929&w=300&lmt=1619576286&psa=0&format=300x250&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576286558&bpp=6&bdt=7905&idt=114&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e627a0e13d8b92a-22a022dff5c700b4%3AT%3D1619576286%3AS%3DALNI_MYf9XjSbFA35uroDWBs9iXMHmmDeQ&correlator=4570452623641&frm=20&pv=2&ga_vid=2084249410.1619576283&ga_sid=1619576283&ga_hid=2053972232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431&oid=2&pvsid=2016457015839363&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZSWUThv7xe&p=https%3A//www.moneydj.com&dtd=135
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=250&slotname=3056157929&adk=2064055290&adf=1690199770&pi=t.ma~as.3056157929&w=300&lmt=1619576286&psa=0&format=300x250&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576286558&bpp=6&bdt=7905&idt=114&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e627a0e13d8b92a-22a022dff5c700b4%3AT%3D1619576286%3AS%3DALNI_MYf9XjSbFA35uroDWBs9iXMHmmDeQ&correlator=4570452623641&frm=20&pv=2&ga_vid=2084249410.1619576283&ga_sid=1619576283&ga_hid=2053972232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431&oid=2&pvsid=2016457015839363&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZSWUThv7xe&p=https%3A//www.moneydj.com&dtd=135
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 28 Apr 2021 02:18:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 557D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hnzpdzp8hyq1xy4jze6tath7ds7pafb518wcgpb5sf09wtmas9n00tv1y3yjtaw1b8r3xn0g0r6pcajgjq64g4kwnzmdpzfykf5adz7t1zzers272tjdxaz09bg5etfyjfgjp3gmz8b48fye4cf38yb13ekmqrmrebh2qc7fvtzeey1dym8t1ccr3napx7xb4h7cn81qa7n423c5hqjfs5nwjf63h25cbgy3f6hpx7mt0hqzdbva6hpc2b10vhx1ex8sczsbvmhn95d1k39hvq4ykbw3b92q4gcmztc3qydfp15e1pf36vngqr56paqx3twma7q287gabjfcpvrhx8afka1cjehz5qgzkafrrmppxgmqfksfqpps9p455bq9mm3nhrw&b=YIjF3gAK258KiwVGAALd09w4RMCZ_-Ce7n15Zw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=250&slotname=3056157929&adk=2064055290&adf=1690199770&pi=t.ma~as.3056157929&w=300&lmt=1619576286&psa=0&format=300x250&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576286558&bpp=6&bdt=7905&idt=114&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e627a0e13d8b92a-22a022dff5c700b4%3AT%3D1619576286%3AS%3DALNI_MYf9XjSbFA35uroDWBs9iXMHmmDeQ&correlator=4570452623641&frm=20&pv=2&ga_vid=2084249410.1619576283&ga_sid=1619576283&ga_hid=2053972232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431&oid=2&pvsid=2016457015839363&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZSWUThv7xe&p=https%3A//www.moneydj.com&dtd=135
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 28 Apr 2021 02:18:07 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
ad4m.at/ad/ Frame F254 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dr?ed=1j1ag38060dwzawvew6ac4mhscp3jkwrfrhrgsj3940d7w25xpyywg2sqh0bngwvbnppr3z3zzpy5f60n57sa40x2nd8k6h0wkmra0a4jsg3n1tmwg85q1jq5yszjprnqjgkc8w0dwhea2kxbaf0wgn9m6p8v50zqdzzjkf4s4rf3f8gqc7mhjjdx4m738xcx4m2twc1ndgw6n0brpgbrpa9dt0vfr21mm77a7cm7qw759ds733kjczqzv6y4w4741k8n7bswh13zgpjmd2w49fjm0rztsj3k6ztmy6kvvc7j89knym2wm263k08f7rd455s52d6rq1801exy4thqmxr9tx63hsf25bm6xhjc4dca91gpwegr4mfgbang&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCey1N3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8wFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInbYLrAKNEOsa6-Ddh4FlbXnifNp4U2ABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_1vqx_tTP2IoJ4ADA0ctjrJ2PpNeg%26client%3Dca-pub-7492323758213965%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=250&slotname=3056157929&adk=2064055290&adf=1690199770&pi=t.ma~as.3056157929&w=300&lmt=1619576286&psa=0&format=300x250&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576286558&bpp=6&bdt=7905&idt=114&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e627a0e13d8b92a-22a022dff5c700b4%3AT%3D1619576286%3AS%3DALNI_MYf9XjSbFA35uroDWBs9iXMHmmDeQ&correlator=4570452623641&frm=20&pv=2&ga_vid=2084249410.1619576283&ga_sid=1619576283&ga_hid=2053972232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431&oid=2&pvsid=2016457015839363&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZSWUThv7xe&p=https%3A//www.moneydj.com&dtd=135
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed97213e67a6976a59d58039cc4633c0c6cceed4134207f1f1ae6cb015f54737
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dr?ed=1j1ag38060dwzawvew6ac4mhscp3jkwrfrhrgsj3940d7w25xpyywg2sqh0bngwvbnppr3z3zzpy5f60n57sa40x2nd8k6h0wkmra0a4jsg3n1tmwg85q1jq5yszjprnqjgkc8w0dwhea2kxbaf0wgn9m6p8v50zqdzzjkf4s4rf3f8gqc7mhjjdx4m738xcx4m2twc1ndgw6n0brpgbrpa9dt0vfr21mm77a7cm7qw759ds733kjczqzv6y4w4741k8n7bswh13zgpjmd2w49fjm0rztsj3k6ztmy6kvvc7j89knym2wm263k08f7rd455s52d6rq1801exy4thqmxr9tx63hsf25bm6xhjc4dca91gpwegr4mfgbang&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCey1N3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8wFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInbYLrAKNEOsa6-Ddh4FlbXnifNp4U2ABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_1vqx_tTP2IoJ4ADA0ctjrJ2PpNeg%26client%3Dca-pub-7492323758213965%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Wed, 28 Apr 2021 02:18:07 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d84e9c147db3e57f77725b343d16f41c51619576287; expires=Fri, 28-May-21 02:18:07 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
09b7de07b7000007422c040000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
646ccc52ba960742-FRA
content-encoding
br
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CD26 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=250&slotname=3056157929&adk=2064055290&adf=1690199770&pi=t.ma~as.3056157929&w=300&lmt=1619576286&psa=0&format=300x250&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576286558&bpp=6&bdt=7905&idt=114&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e627a0e13d8b92a-22a022dff5c700b4%3AT%3D1619576286%3AS%3DALNI_MYf9XjSbFA35uroDWBs9iXMHmmDeQ&correlator=4570452623641&frm=20&pv=2&ga_vid=2084249410.1619576283&ga_sid=1619576283&ga_hid=2053972232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431&oid=2&pvsid=2016457015839363&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZSWUThv7xe&p=https%3A//www.moneydj.com&dtd=135
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 27 Apr 2021 06:38:34 GMT
expires
Wed, 28 Apr 2021 06:38:34 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
70773
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 8A74 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60af5f48b6f3b11bd8561835200226c064aeb919a45c2618bd7f78a9724b6f67

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7293 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0804913fa7882839224c554af6e6ee2bffba0d48a4d5c606c59b1f5a60762af9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7054
x-xss-protection
0
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame 8031
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
38 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x250_NewsRight.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e81e7d122d75e0486ccb69b6d44018119dd64ede682d1af8ff54a4211ee57c9

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:07 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6905
content-length
39313
cf-request-id
09b7de09340000c29f7d8db000000001
last-modified
Fri, 23 Apr 2021 08:06:21 GMT
server
cloudflare
etag
"60827ffd-9991"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s6ZmzomIZwXjoBepYEExD1yCvCwXo4m2jmRDGtoCMNE43uR0%2Fh0n9bZgVbsDm96IHjG3roFBZ9jKbNu%2BBficfpY3qxa9QD3wbfTbgtmH3V2K3Fm38qG3ZZTCx5k%3D"}],"max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
646ccc55182fc29f-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/ Frame 8A74 		223 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7492323758213965&plah=www.moneydj.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e5d13a315184e4cc69d5c495682f8e5539478b0f7331165dc63e9aa4f224add0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84531
x-xss-protection
0
server
cafe
etag
5298758904806933499
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 28 Apr 2021 02:18:07 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7293 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:07 GMT
truncated
/ Frame 557D 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8cfc3db164abe7c0d7b7ef05cf17b651898948bc2eca954103d3838db8251586

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame F254 		58 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1j1ag38060dwzawvew6ac4mhscp3jkwrfrhrgsj3940d7w25xpyywg2sqh0bngwvbnppr3z3zzpy5f60n57sa40x2nd8k6h0wkmra0a4jsg3n1tmwg85q1jq5yszjprnqjgkc8w0dwhea2kxbaf0wgn9m6p8v50zqdzzjkf4s4rf3f8gqc7mhjjdx4m738xcx4m2twc1ndgw6n0brpgbrpa9dt0vfr21mm77a7cm7qw759ds733kjczqzv6y4w4741k8n7bswh13zgpjmd2w49fjm0rztsj3k6ztmy6kvvc7j89knym2wm263k08f7rd455s52d6rq1801exy4thqmxr9tx63hsf25bm6xhjc4dca91gpwegr4mfgbang&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCey1N3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8wFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInbYLrAKNEOsa6-Ddh4FlbXnifNp4U2ABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_1vqx_tTP2IoJ4ADA0ctjrJ2PpNeg%26client%3Dca-pub-7492323758213965%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5595a592e5e93a111e8b48e225a826b874b635dc219787efedf806d3aa13f223

Request headers

Referer
https://ad4m.at/ad/dr?ed=1j1ag38060dwzawvew6ac4mhscp3jkwrfrhrgsj3940d7w25xpyywg2sqh0bngwvbnppr3z3zzpy5f60n57sa40x2nd8k6h0wkmra0a4jsg3n1tmwg85q1jq5yszjprnqjgkc8w0dwhea2kxbaf0wgn9m6p8v50zqdzzjkf4s4rf3f8gqc7mhjjdx4m738xcx4m2twc1ndgw6n0brpgbrpa9dt0vfr21mm77a7cm7qw759ds733kjczqzv6y4w4741k8n7bswh13zgpjmd2w49fjm0rztsj3k6ztmy6kvvc7j89knym2wm263k08f7rd455s52d6rq1801exy4thqmxr9tx63hsf25bm6xhjc4dca91gpwegr4mfgbang&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCey1N3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8wFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInbYLrAKNEOsa6-Ddh4FlbXnifNp4U2ABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_1vqx_tTP2IoJ4ADA0ctjrJ2PpNeg%26client%3Dca-pub-7492323758213965%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=XxVHlg==, md5=RCdMWH7YOCWDIhuwI9UcWg==
date
Wed, 28 Apr 2021 02:18:07 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3129540
x-guploader-uploadid
ABg5-Uy4aivieyuBWrRiQC4_Ppn1uUsCErWp3PCNabOAR1DHIeajjF0MmTZg9JuSRGfocIdDxNZdYx3-JXnC-nTF81uHDLT_kw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6688
cf-request-id
09b7de084a0000d70db0aba000000001
last-modified
Tue, 16 Mar 2021 10:53:32 GMT
server
cloudflare
etag
"44274c587ed8382583221bb023d51c5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BZBf7jl3UprsWMGKYxNkfKArbj7hp819qU0VTVeMe6gGg4gIL9n5f9e8Plh3s8FG0oTxxE9UI7svQHAkSGb4wwhJNfopc7vlRGvGxA5tm4zrxEk1"}]}
x-goog-generation
1615892011975494
content-type
text/css
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
6688
accept-ranges
bytes
cf-ray
646ccc53ae95d70d-FRA
expires
Tue, 22 Mar 2022 20:59:07 GMT
fxpcopuw.js
ad4m.at/ Frame F254 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1j1ag38060dwzawvew6ac4mhscp3jkwrfrhrgsj3940d7w25xpyywg2sqh0bngwvbnppr3z3zzpy5f60n57sa40x2nd8k6h0wkmra0a4jsg3n1tmwg85q1jq5yszjprnqjgkc8w0dwhea2kxbaf0wgn9m6p8v50zqdzzjkf4s4rf3f8gqc7mhjjdx4m738xcx4m2twc1ndgw6n0brpgbrpa9dt0vfr21mm77a7cm7qw759ds733kjczqzv6y4w4741k8n7bswh13zgpjmd2w49fjm0rztsj3k6ztmy6kvvc7j89knym2wm263k08f7rd455s52d6rq1801exy4thqmxr9tx63hsf25bm6xhjc4dca91gpwegr4mfgbang&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCey1N3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8wFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInbYLrAKNEOsa6-Ddh4FlbXnifNp4U2ABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_1vqx_tTP2IoJ4ADA0ctjrJ2PpNeg%26client%3Dca-pub-7492323758213965%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2699d9ee5aa3b674501132ad996c7ff6dec638cbfcb9a5dc6502909b594443db

Request headers

Referer
https://ad4m.at/ad/dr?ed=1j1ag38060dwzawvew6ac4mhscp3jkwrfrhrgsj3940d7w25xpyywg2sqh0bngwvbnppr3z3zzpy5f60n57sa40x2nd8k6h0wkmra0a4jsg3n1tmwg85q1jq5yszjprnqjgkc8w0dwhea2kxbaf0wgn9m6p8v50zqdzzjkf4s4rf3f8gqc7mhjjdx4m738xcx4m2twc1ndgw6n0brpgbrpa9dt0vfr21mm77a7cm7qw759ds733kjczqzv6y4w4741k8n7bswh13zgpjmd2w49fjm0rztsj3k6ztmy6kvvc7j89knym2wm263k08f7rd455s52d6rq1801exy4thqmxr9tx63hsf25bm6xhjc4dca91gpwegr4mfgbang&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCey1N3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8wFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInbYLrAKNEOsa6-Ddh4FlbXnifNp4U2ABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_1vqx_tTP2IoJ4ADA0ctjrJ2PpNeg%26client%3Dca-pub-7492323758213965%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=uf2i1A==, md5=bNje+miZ+Y+uQdmFGLMi2Q==
date
Wed, 28 Apr 2021 02:18:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
85813
x-guploader-uploadid
ABg5-Uz8Q7Xe0Q5cdS0iCZB6rUJrruIT1FTAemHd875pqsXYNhocQSMrxP5vMWTCLFvgdJhKM5sySBHMGGcmot6LI10
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09b7de084a0000d70d129e9000000001
last-modified
Thu, 22 Apr 2021 16:12:57 GMT
server
cloudflare
etag
W/"6cd8defa6899f98fae41d98518b322d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PHGc7UbvtMttWFEXBmYz%2Fmmugbmx7RPEEMZHiTOrOflLmO0USiNc3GE51emnKqz27jUnjiFCrxgnHH9n5PWVRFnuIXmNq3YZaxy5wcDRj3KHAyKs"}]}
x-goog-generation
1619107977318178
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11778
cf-ray
646ccc53ae93d70d-FRA
expires
Tue, 27 Apr 2021 02:27:54 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame E151 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn.aralego.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn.aralego.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 27 Apr 2021 23:30:56 GMT
expires
Wed, 27 Apr 2022 23:30:56 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10031
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dpixel
cms.quantserve.com/ Frame CD26 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEI6AAeuhfGSPvgOZEfqRSaM&google_cver=1&google_push=AQvitUK2Xidn0ODrt3bf9U_4lLTMcM9d7_50g_NURdAk1PSrKAq3pRbFLmCVXN0vdoHMKcs-CPspBbj51_p1nRUNZtTZ6sQZ5OY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=250&slotname=3056157929&adk=2064055290&adf=1690199770&pi=t.ma~as.3056157929&w=300&lmt=1619576286&psa=0&format=300x250&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576286558&bpp=6&bdt=7905&idt=114&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e627a0e13d8b92a-22a022dff5c700b4%3AT%3D1619576286%3AS%3DALNI_MYf9XjSbFA35uroDWBs9iXMHmmDeQ&correlator=4570452623641&frm=20&pv=2&ga_vid=2084249410.1619576283&ga_sid=1619576283&ga_hid=2053972232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431&oid=2&pvsid=2016457015839363&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZSWUThv7xe&p=https%3A//www.moneydj.com&dtd=135
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:07 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame CD26 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEFXNOaNDeurOsQh6-W_BkxQ&google_push=AQvitUIUN4x1q0ABbTV8hiCBPM4QTsafar-W9wsM_o8f7P4UcX0g_pUZ-J9507JtQyoVmTPTwwxOhqCOB3xxZdSNnGooC_NxaN8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=250&slotname=3056157929&adk=2064055290&adf=1690199770&pi=t.ma~as.3056157929&w=300&lmt=1619576286&psa=0&format=300x250&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576286558&bpp=6&bdt=7905&idt=114&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e627a0e13d8b92a-22a022dff5c700b4%3AT%3D1619576286%3AS%3DALNI_MYf9XjSbFA35uroDWBs9iXMHmmDeQ&correlator=4570452623641&frm=20&pv=2&ga_vid=2084249410.1619576283&ga_sid=1619576283&ga_hid=2053972232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431&oid=2&pvsid=2016457015839363&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZSWUThv7xe&p=https%3A//www.moneydj.com&dtd=135
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:07 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CD26
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESENzVzf37Z-VNmgtk_4f1buQ&google_cver=1&google_push=AQvitUK85wIkLLaKEJOPkyMY-TYx4fG3b7ljVO9QbRb1T-duB1iJVudx1g23U6mBQHigj3rTt6BqbNQhSI4QekVBS1_lvUSxgQ
  • https://rtb.openx.net/sync/dds?google_gid=CAESENzVzf37Z-VNmgtk_4f1buQ&google_cver=1&google_push=AQvitUK85wIkLLaKEJOPkyMY-TYx4fG3b7ljVO9QbRb1T-duB1iJVudx1g23U6mBQHigj3rTt6BqbNQhSI4QekVBS1_lvUSxgQ&ox...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK85wIkLLaKEJOPkyMY-TYx4fG3b7ljVO9QbRb1T-duB1iJVudx1g23U6mBQHigj3rTt6BqbNQhSI4QekVBS1_lvUSxgQ&google_hm=0aeZHMOKzRAWbeCNBDgZDg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK85wIkLLaKEJOPkyMY-TYx4fG3b7ljVO9QbRb1T-duB1iJVudx1g23U6mBQHigj3rTt6BqbNQhSI4QekVBS1_lvUSxgQ&google_hm=0aeZHMOKzRAWbeCNBDgZDg==
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:06 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK85wIkLLaKEJOPkyMY-TYx4fG3b7ljVO9QbRb1T-duB1iJVudx1g23U6mBQHigj3rTt6BqbNQhSI4QekVBS1_lvUSxgQ&google_hm=0aeZHMOKzRAWbeCNBDgZDg==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
jrlpmnitlocgbg6o82hppa1feu6brlht
pixel
cm.g.doubleclick.net/ Frame CD26
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iBZczovtQ8yLFWLzDfiowg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iBZczovtQ8yLFWLzDfiowg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKlV5Pdq8dCCBqGGfomHGRv2p2J1Y-eeZtqAgf0s9GA4Ku2JitbCJkgCPoyYUEIUgLXb0uRZxy1DrvwZAQsP5JpA-G1FA
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iBZczovtQ8yLFWLzDfiowg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKlV5Pdq8dCCBqGGfomHGRv2p2J1Y-eeZtqAgf0s9GA4Ku2JitbCJkgCPoyYUEIUgLXb0uRZxy1DrvwZAQsP5JpA-G1FA
Date
Wed, 28 Apr 2021 02:18:07 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame CD26
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDSnYNazDQzYJyCqX3iOYTI&google_cver=1&google_push=AQvitUI0EVceHdrO6sjlEuVmzcGb1va0N-V2HfSDDzmHQSA-KIO2-_7J7CCE_b98Vc_GamsgC12...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S08wVFdMN0wtMUYtOVBDNQ==&google_push=AQvitUI0EVceHdrO6sjlEuVmzcGb1va0N-V2HfSDDzmHQSA-KIO2-_7J7CCE_b98Vc_GamsgC12zeBDh7DG73rpKhtIWFZZ2V3s
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S08wVFdMN0wtMUYtOVBDNQ==&google_push=AQvitUI0EVceHdrO6sjlEuVmzcGb1va0N-V2HfSDDzmHQSA-KIO2-_7J7CCE_b98Vc_GamsgC12zeBDh7DG73rpKhtIWFZZ2V3s
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=250&slotname=3056157929&adk=2064055290&adf=1690199770&pi=t.ma~as.3056157929&w=300&lmt=1619576286&psa=0&format=300x250&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576286558&bpp=6&bdt=7905&idt=114&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e627a0e13d8b92a-22a022dff5c700b4%3AT%3D1619576286%3AS%3DALNI_MYf9XjSbFA35uroDWBs9iXMHmmDeQ&correlator=4570452623641&frm=20&pv=2&ga_vid=2084249410.1619576283&ga_sid=1619576283&ga_hid=2053972232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431&oid=2&pvsid=2016457015839363&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZSWUThv7xe&p=https%3A//www.moneydj.com&dtd=135
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S08wVFdMN0wtMUYtOVBDNQ==&google_push=AQvitUI0EVceHdrO6sjlEuVmzcGb1va0N-V2HfSDDzmHQSA-KIO2-_7J7CCE_b98Vc_GamsgC12zeBDh7DG73rpKhtIWFZZ2V3s
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
pixel
cm.g.doubleclick.net/ Frame CD26
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMQaQtQZ8OxxAMcA0atUAB4&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMQaQtQZ8OxxAMcA0atUAB4&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIjF35lCNtNWT6fJzv6JcQAABHcAAAIB&google_gid=CAESEMQaQtQZ8OxxAMcA0atUAB4&google_push=AQvitUKQUc7qF7qsZa5Htpijbdj8M_7X2R3BKk--BDTYbhijcEk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIjF35lCNtNWT6fJzv6JcQAABHcAAAIB&google_gid=CAESEMQaQtQZ8OxxAMcA0atUAB4&google_push=AQvitUKQUc7qF7qsZa5Htpijbdj8M_7X2R3BKk--BDTYbhijcEkIl26xSUvD8vBXs_Zc7kaerecm7_LSo8am7KIm5S6XG65R1A&google_cver=1
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:18:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIjF35lCNtNWT6fJzv6JcQAABHcAAAIB&google_gid=CAESEMQaQtQZ8OxxAMcA0atUAB4&google_push=AQvitUKQUc7qF7qsZa5Htpijbdj8M_7X2R3BKk--BDTYbhijcEkIl26xSUvD8vBXs_Zc7kaerecm7_LSo8am7KIm5S6XG65R1A&google_cver=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
458
Expires
Wed, 28 Apr 2021 02:18:07 GMT
trk
ag.innovid.com/ Frame CD26 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEJ_qAkB-wcql-1-v3oBAKRE&google_cver=1&google_push=AQvitUJyoHUwZLDqa3rzGNw9F0RXqZVjpaOL87oAR4hErwuKo5eF3dOy8Q_FvOrHR1nwJ9WoVLB7a80q6FtqjkwQxYrYV_9j3Bk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=250&slotname=3056157929&adk=2064055290&adf=1690199770&pi=t.ma~as.3056157929&w=300&lmt=1619576286&psa=0&format=300x250&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576286558&bpp=6&bdt=7905&idt=114&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e627a0e13d8b92a-22a022dff5c700b4%3AT%3D1619576286%3AS%3DALNI_MYf9XjSbFA35uroDWBs9iXMHmmDeQ&correlator=4570452623641&frm=20&pv=2&ga_vid=2084249410.1619576283&ga_sid=1619576283&ga_hid=2053972232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431&oid=2&pvsid=2016457015839363&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZSWUThv7xe&p=https%3A//www.moneydj.com&dtd=135
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8100:1c45:c4d6:f2b8:9306 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:07 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame CD26 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J4p0jAbkOURJNaDvP4s6cLfJYE6iKUJLwqbQUwpTm4HSiWkkKcI5PJtK3rILdvE5iSxe-n
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=250&slotname=3056157929&adk=2064055290&adf=1690199770&pi=t.ma~as.3056157929&w=300&lmt=1619576286&psa=0&format=300x250&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576286558&bpp=6&bdt=7905&idt=114&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e627a0e13d8b92a-22a022dff5c700b4%3AT%3D1619576286%3AS%3DALNI_MYf9XjSbFA35uroDWBs9iXMHmmDeQ&correlator=4570452623641&frm=20&pv=2&ga_vid=2084249410.1619576283&ga_sid=1619576283&ga_hid=2053972232&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=987&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066431&oid=2&pvsid=2016457015839363&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZSWUThv7xe&p=https%3A//www.moneydj.com&dtd=135
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:07 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
cookie.js
partner.googleadservices.com/gampad/ Frame 8A74 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.moneydj.com&callback=_gfp_s_&client=ca-pub-7492323758213965&cookie=ID%3D20a3dbcfdaf52438-22090e1ef6c7006a%3AT%3D1619576286%3AS%3DALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7492323758213965&plah=www.moneydj.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 8A74 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.moneydj.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7492323758213965&plah=www.moneydj.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8A74 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.moneydj.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7492323758213965&plah=www.moneydj.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 663A 		62 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186318&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576287184&bpp=7&bdt=142&idt=128&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D20a3dbcfdaf52438-22090e1ef6c7006a%3AT%3D1619576286%3AS%3DALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ&correlator=4570452623641&frm=23&ife=4&pv=1&ga_vid=1016269126.1619576287&ga_sid=1619576287&ga_hid=1081897623&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2111&biw=1600&bih=1200&isw=728&ish=90&ifk=3341727983&scr_x=0&scr_y=0&eid=44741423%2C31060710%2C31060839&oid=3&pvsid=2998172431654948&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ylxf3hcp3uhe&btvi=1&fsb=1&dtd=147
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7492323758213965&plah=www.moneydj.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
172ad5c0e034e13c467e0ff8e19402fc6a6d0f729cdde19b063a1bc7a24306bf
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIyqrervn_ACFVr5dwodQ8oEdg&gqi=38WIYOzvFJPlgQf5o5rwDQ&layout=/sadbundle/%24csp%253Der3%24/13064758606153383936/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186318&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576287184&bpp=7&bdt=142&idt=128&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D20a3dbcfdaf52438-22090e1ef6c7006a%3AT%3D1619576286%3AS%3DALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ&correlator=4570452623641&frm=23&ife=4&pv=1&ga_vid=1016269126.1619576287&ga_sid=1619576287&ga_hid=1081897623&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2111&biw=1600&bih=1200&isw=728&ish=90&ifk=3341727983&scr_x=0&scr_y=0&eid=44741423%2C31060710%2C31060839&oid=3&pvsid=2998172431654948&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ylxf3hcp3uhe&btvi=1&fsb=1&dtd=147
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.moneydj.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl2K6qdZd-6sBZzI4BZyI_VHSgoKeHJWTbNvgpzGZq10jI0ZPgp166k3R2fn5o; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.moneydj.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIyqrervn_ACFVr5dwodQ8oEdg&gqi=38WIYOzvFJPlgQf5o5rwDQ&layout=/sadbundle/%24csp%253Der3%24/13064758606153383936/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 28 Apr 2021 02:18:07 GMT
server
cafe
content-length
22492
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 8A74 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7492323758213965&plah=www.moneydj.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188783439141"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28201
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:07 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame F254 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer
https://ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:07 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4908
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
cf-request-id
09b7de089300004d89c034d000000001
last-modified
Thu, 08 May 2014 12:48:39 GMT
server
cloudflare
etag
"536b7d27-cbe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4bRwWh94CZ1AOR7OBDibWc8hgYN4QANXL5%2Fphx5cNysakWkTNpsgte5EsTVvagTzQUImuVJxfj0SsNEvSdPU%2BlJk%2BZIr69Dhz49kl9UnunuI9iOpkC8uQN3uEmDkCCZiQg%3D%3D"}],"max_age":604800}
content-type
image/png
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
646ccc541f064d89-FRA
frame.html
ad4m.at/ Frame 888B 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad4m.at/ad/dr?ed=1j1ag38060dwzawvew6ac4mhscp3jkwrfrhrgsj3940d7w25xpyywg2sqh0bngwvbnppr3z3zzpy5f60n57sa40x2nd8k6h0wkmra0a4jsg3n1tmwg85q1jq5yszjprnqjgkc8w0dwhea2kxbaf0wgn9m6p8v50zqdzzjkf4s4rf3f8gqc7mhjjdx4m738xcx4m2twc1ndgw6n0brpgbrpa9dt0vfr21mm77a7cm7qw759ds733kjczqzv6y4w4741k8n7bswh13zgpjmd2w49fjm0rztsj3k6ztmy6kvvc7j89knym2wm263k08f7rd455s52d6rq1801exy4thqmxr9tx63hsf25bm6xhjc4dca91gpwegr4mfgbang&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCey1N3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8wFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInbYLrAKNEOsa6-Ddh4FlbXnifNp4U2ABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_1vqx_tTP2IoJ4ADA0ctjrJ2PpNeg%26client%3Dca-pub-7492323758213965%26adurl%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad4m.at/ad/dr?ed=1j1ag38060dwzawvew6ac4mhscp3jkwrfrhrgsj3940d7w25xpyywg2sqh0bngwvbnppr3z3zzpy5f60n57sa40x2nd8k6h0wkmra0a4jsg3n1tmwg85q1jq5yszjprnqjgkc8w0dwhea2kxbaf0wgn9m6p8v50zqdzzjkf4s4rf3f8gqc7mhjjdx4m738xcx4m2twc1ndgw6n0brpgbrpa9dt0vfr21mm77a7cm7qw759ds733kjczqzv6y4w4741k8n7bswh13zgpjmd2w49fjm0rztsj3k6ztmy6kvvc7j89knym2wm263k08f7rd455s52d6rq1801exy4thqmxr9tx63hsf25bm6xhjc4dca91gpwegr4mfgbang&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCey1N3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8wFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInbYLrAKNEOsa6-Ddh4FlbXnifNp4U2ABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_1vqx_tTP2IoJ4ADA0ctjrJ2PpNeg%26client%3Dca-pub-7492323758213965%26adurl%3D

Response headers

date
Wed, 28 Apr 2021 02:18:07 GMT
content-type
text/html
set-cookie
__cfduid=d7d6bc586f3ca8d8586efced82427d86b1619576287; expires=Fri, 28-May-21 02:18:07 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Wed, 28 Apr 2021 03:18:07 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
451332
cache-control
public, max-age=3600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
cf-request-id
09b7de088b0000d70d06359000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ea834OEr1hdy1kCdjzu3lOh1sbOjy9b8R1eYNOulV7Q7lWBiX1bSFOfBt4dB7R7Cr9n1K0dvufG6J9bD%2Bc%2BgR5kpNZpUlthjTFuobAISOoVOt7nU"}]}
nel
{"max_age":604800,"report_to":"cf-nel"}
vary
Accept-Encoding
server
cloudflare
cf-ray
646ccc541ed5d70d-FRA
content-encoding
br
FundDataSvc.axd
www.moneydj.com/InfoSvc/ 		2 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/InfoSvc/FundDataSvc.axd?a=FindFundBySubject
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Sec-Fetch-Mode
cors
Origin
https://www.moneydj.com
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d; ASP.NET_SessionId=5fp2qbezeawiwg55nb3shb55; _td=1301c142-2838-45f2-9635-1750f164c1eb; __gads=ID=20a3dbcfdaf52438-22090e1ef6c7006a:T=1619576286:S=ALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ
Connection
keep-alive
Content-Length
36
Pragma
no-cache
Host
www.moneydj.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
*/*
Cache-Control
no-cache
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Sec-Fetch-Site
same-origin
Accept
*/*
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 28 Apr 2021 02:18:06 GMT
Content-Encoding
gzip
Cache-Control
private
Content-Length
122
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js
pagead2.googlesyndication.com/bg/ Frame E151 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 23:29:18 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
355729
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5672
x-xss-protection
0
expires
Sat, 23 Apr 2022 23:29:18 GMT
frame.html
ad4mat.net/ Frame 33F4 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4mat.net/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964

Request headers

:method
GET
:authority
ad4mat.net
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:07 GMT
content-type
text/html
set-cookie
__cfduid=d2d55d8ab7d543b9abc12172a288a40a71619576287; expires=Fri, 28-May-21 02:18:07 GMT; path=/; domain=.ad4mat.net; HttpOnly; SameSite=Lax; Secure
last-modified
Thu, 12 Apr 2018 07:50:15 GMT
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=86400
cf-cache-status
HIT
age
4458
cf-request-id
09b7de08b900004d89ee01f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=af%2BIjxEsPRYf9O%2Fed4v4TGUNHO4Bh%2FwJMp54wAOCGfRwrxede%2FeWrXvUMxIaV2QJbu3tnbazrZwpAZ%2ByQ4zLWFvb5Lp84%2F0g886tQYhPHYhxGW5k1xxK"}],"max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
vary
Accept-Encoding
server
cloudflare
cf-ray
646ccc545f424d89-FRA
content-encoding
br
getTextAD.aspx
www.moneydj.com/ads/ 		566 B
960 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/ads/getTextAD.aspx?Type=ButtonTextA407&adstype=json
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/Js.axd?k=arMgoEIadXMSM6P27E9PkGuQPaw=&t=/kmdj/js/jquery-1.4.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
6fe66e14273cf3065df377679f203f98244e41d4dda7dcc4b2cbd00d5125c00f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
application/json, text/javascript, */*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d; ASP.NET_SessionId=5fp2qbezeawiwg55nb3shb55; _td=1301c142-2838-45f2-9635-1750f164c1eb; __gads=ID=20a3dbcfdaf52438-22090e1ef6c7006a:T=1619576286:S=ALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Accept
application/json, text/javascript, */*
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:06 GMT
Content-Encoding
gzip
Cache-Control
private
Content-Length
767
Vary
Accept-Encoding
Content-Type
text/javascript; charset=big5
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7293 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042201&jk=3483997981303564&bg=!DwylDEjNAAZLnZBaS507ACkAdvg8WuT_dAKqapChOhJOq-1NVzEM6WZNgZFocEkSDCUncBacw-Q30wIAAABnUgAAAA1oAQcKAECEFXmC-kVBo3dEiMdGAGHrpXTxedcvWHAnatalvHFXEBnOy-4ax8DJMEHIec6rSRjWJ0nLepiwrpFGEivtS0KImQKv3LsiIMe9Zh8O9ESuAcsg1PmaYb86LuBVp1ybCIJhDg5GXuCl6V5xn2ol0r3zUf0crj6nStf6YauBOf4X2Z6nqNBrsimz7IUcHssmrSRga3v3NqQUT8BHNMIfDGLCspxNyWXPvSeDWappAJyHga6psPlt07_11ISywTFcZmcfMwVN3yoVBB2I8vGrVkorGrOSQOJ0W_cBV1HrpWV6wOPWQHQDO7IAjoG9I9bGb-zwoHB_IaodBL23DHLI8I4tqc9crp1dlHaZPbS8B5WJbqPNEzJpQMVNruFop6rtuFbpZSfcMTqdfRR9dR5l0vR36vhMehNJNz6KpEV-CNvxbAApXdfzks8XGc-p9LAlQkkFNax4zz2HvxWFMSHtet1iTx0p1qaeFmgYxi1dMMNCF6Sc1wS9hPU_sx8vBsWi6EXSWpwrxcoxsI0NQK07VOO2xon5vbnY0DcFK5Mng14XdidZKhnNg00v0I_ruVX3nG-oSvJi82R8cMoCMCQnoDlvBWyNXe8Toq7xk1p0Rtu2ie7YPI5adZT1LfnUfSTR8tWA-bheDos-5Ss1U933NwXgeSvzIX8TBOM13QxlXVda4E3vd46pRjDkv-i_9091dwUOP4sGppBG_FppAUUroq4L30QKM42GvgYo-_N3wbbKzgZ3kGFeg7scnY0riUzIpm7sSkn49kZQ49FS9aSwAdefImjlDsUdrdtwq9J8nqOFLecVR3PJwz7Rd490zWEMOqDg3G9HSvUPnuIgD9OUA06_lsSfH4niKsq_-Erf1dqAJGB1M3dqX1ekHrM43gfI912nXtlAOuSMggbf0PZyOqtjcp4UIB4falWwmohpVLn_wHeCuUGVnr3_wBEPy2rKzGDDJkkPwqNI7PyxsZv_ic77GqaRgUJKwAx1ajZFAP2jZCTg
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 8031 		975 B
541 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3068
cf-polished
origSize=1191
cf-request-id
09b7de09680000c29f1eb1b000000001
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lRFVLuDHHleyxveLeLIsRYV4qWTZlmWrI%2FFQ%2BeheS3tb5kJxKw%2Fc5JujzW29vwUNT3ZWBRWlnHIUZY5yY%2BgA%2BqpOjp%2FCA297sD9ol%2F7cjyC6bKCDlBAdYaIxTrI%3D"}],"max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
646ccc557867c29f-FRA
cf-bgj
minify
idRequest
sync.aralego.com/ Frame 8031 		46 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Hyattsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
fa1b381fe26c30d1f677deab4833105d8b1cefab157c31c96cfe37c4f2c7262c

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:07 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://adx.doublemax.net
access-control-allow-credentials
true
connection
close
content-length
46
ad_request
ads.aralego.com/ Frame 8031 		378 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.doublemax.net&u=https%3A%2F%2Fwww.moneydj.com%2F&xr=1&adid=ad-E2B2E8ABA28B66671EBA323D9E8942D&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.03125632886163476&ao=https%3A%2F%2Fwww.moneydj.com
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
f7788127293dbaf37e098d77504fb8f10ee4c83f052d95b187afb26beb531173

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:08 GMT
X-Width
300
X-Height
250
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://adx.doublemax.net
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-SspId
f0d79a70-c676-377b-bbe4-4acc550a180c
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
378
X-AdStyle
banner
X-Adtype
html
view
securepubads.g.doubleclick.net/pcs/ Frame 77A3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssC5SEO2G1apNvQ8NPjwfc397wXpP6PEKN6s-LYkQA1rW5a-73gX0Tm9kWO9M7JhjBMU8kWjndYJSa34EKG9dhrU3WT_eJ7-gvf_89FZkVrY7Y02PjK8iVG7EjMXUyjdv5Rq1nJ8faLeGqsacbgYrQv7uVAU2DEcaY8mfbY-oI38yh7AUlLEgrILYTK92IBdyYD_PSk7Yczbkf5wTn6o_McuXQKy6eFMv1CAyCdQ7j3-BpzchIH_mwUqjZby2eqOlVsaWKnVK3aYYaTfY8jpm_LKnlckHzd2ojZWEd7ineJ1DuTL1UjqZBKM1ReYHtwAB7HOQk&sai=AMfl-YTr5mVpFMBgJrwGHvhixmGe9WvMSNskW3BVarl3MkhtCr5gnSzBOrfLzWenC7hbcLy3xiJVxcJr-kBpEZtyZK0mUM9cjRE1u1N2e0JLPN-FQf0AyIyBM7thvZDOZiZI&sig=Cg0ArKJSzAiG76onlJFeEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 02:18:07 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 77A3 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210426&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=www.moneydj.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01c7a64c7c7fdb5ec30de2d46555e61d65c49432cf025eceb66b0f4907720f84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7072
x-xss-protection
0
drawV2.js
cdn.holmesmind.com/js/ Frame 2C50 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=10846&rf=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200519%2FTurn%2FCF-160X600_NewsLeftTop.html&n=899&o=1&d=1&b=2&ts=1&ii=2&FPCK=4719-gXjatrmLwiHBhnKTbhIjU8unRkqnk6Tm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ba00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:17:43 GMT
via
1.1 f358cf5f46d10c349187abd5e20e06cf.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
age
44
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
10359
x-amz-cf-id
LKWFCJ-wKDvqZX_vUtGYxEiju0j-24SG7JEVIaBaIHBfUA6WSPcLsA==
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 77A3 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=www.moneydj.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:07 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 8B55 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.moneydj.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.moneydj.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 27 Apr 2021 23:30:56 GMT
expires
Wed, 27 Apr 2022 23:30:56 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10031
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame D881 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b19c02105f57425a446005d1b87222c26148a19432d11cb2a2f04e25f8bae148
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NNlIJfG9OlRZUc3xQSieEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.moneydj.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=214=N3mckQmAOgEd4zxrnKbrH1pt8Sfrzz2btAXU9cIsXzDzr6J6ywlZZIy_--Mo5ZzMojUU1jlAF0lCQOmNJnUtprW5eEKWygQ-0TfiIFTA3MpdqKgZCi1ss2TtikEZmWP6E0d31R8-yTJrhuCSD9ffVKTU_svPxPltDrs9N3huka4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.moneydj.com/

Response headers

expires
Wed, 28 Apr 2021 02:18:07 GMT
date
Wed, 28 Apr 2021 02:18:07 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-NNlIJfG9OlRZUc3xQSieEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js
pagead2.googlesyndication.com/bg/ Frame 8B55 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 23:29:18 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
355729
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5672
x-xss-protection
0
expires
Sat, 23 Apr 2022 23:29:18 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 663A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186318&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576287184&bpp=7&bdt=142&idt=128&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D20a3dbcfdaf52438-22090e1ef6c7006a%3AT%3D1619576286%3AS%3DALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ&correlator=4570452623641&frm=23&ife=4&pv=1&ga_vid=1016269126.1619576287&ga_sid=1619576287&ga_hid=1081897623&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2111&biw=1600&bih=1200&isw=728&ish=90&ifk=3341727983&scr_x=0&scr_y=0&eid=44741423%2C31060710%2C31060839&oid=3&pvsid=2998172431654948&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ylxf3hcp3uhe&btvi=1&fsb=1&dtd=147
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 01:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 01:48:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 663A 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186318&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576287184&bpp=7&bdt=142&idt=128&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D20a3dbcfdaf52438-22090e1ef6c7006a%3AT%3D1619576286%3AS%3DALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ&correlator=4570452623641&frm=23&ife=4&pv=1&ga_vid=1016269126.1619576287&ga_sid=1619576287&ga_hid=1081897623&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2111&biw=1600&bih=1200&isw=728&ish=90&ifk=3341727983&scr_x=0&scr_y=0&eid=44741423%2C31060710%2C31060839&oid=3&pvsid=2998172431654948&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ylxf3hcp3uhe&btvi=1&fsb=1&dtd=147
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 663A 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186318&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576287184&bpp=7&bdt=142&idt=128&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D20a3dbcfdaf52438-22090e1ef6c7006a%3AT%3D1619576286%3AS%3DALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ&correlator=4570452623641&frm=23&ife=4&pv=1&ga_vid=1016269126.1619576287&ga_sid=1619576287&ga_hid=1081897623&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2111&biw=1600&bih=1200&isw=728&ish=90&ifk=3341727983&scr_x=0&scr_y=0&eid=44741423%2C31060710%2C31060839&oid=3&pvsid=2998172431654948&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ylxf3hcp3uhe&btvi=1&fsb=1&dtd=147
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 01:41:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2189
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 01:41:38 GMT
l
www.google.com/ads/measurement/ Frame 663A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQTwyqMJGHSFhox3Jo5poZuHsqR-pn_ILk7B2iSYSrpZXrxp7mPBlUgKEZGW2WilP3Vi7vjs1MCoUEqP-QYLeLbrhGdnw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186318&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576287184&bpp=7&bdt=142&idt=128&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D20a3dbcfdaf52438-22090e1ef6c7006a%3AT%3D1619576286%3AS%3DALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ&correlator=4570452623641&frm=23&ife=4&pv=1&ga_vid=1016269126.1619576287&ga_sid=1619576287&ga_hid=1081897623&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2111&biw=1600&bih=1200&isw=728&ish=90&ifk=3341727983&scr_x=0&scr_y=0&eid=44741423%2C31060710%2C31060839&oid=3&pvsid=2998172431654948&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ylxf3hcp3uhe&btvi=1&fsb=1&dtd=147
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ Frame 6D40 		102 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186318&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576287184&bpp=7&bdt=142&idt=128&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D20a3dbcfdaf52438-22090e1ef6c7006a%3AT%3D1619576286%3AS%3DALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ&correlator=4570452623641&frm=23&ife=4&pv=1&ga_vid=1016269126.1619576287&ga_sid=1619576287&ga_hid=1081897623&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2111&biw=1600&bih=1200&isw=728&ish=90&ifk=3341727983&scr_x=0&scr_y=0&eid=44741423%2C31060710%2C31060839&oid=3&pvsid=2998172431654948&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ylxf3hcp3uhe&btvi=1&fsb=1&dtd=147
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1699160349f58f6de31833ab95b03ce6f1f5f9330ae1a869f913c9a62655db01
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/13064758606153383936/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Thu, 22 Apr 2021 15:44:11 GMT
expires
Fri, 22 Apr 2022 15:44:11 GMT
last-modified
Thu, 08 Apr 2021 16:00:20 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
22822
age
470036
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 663A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CXbDz38WIYMy-Fdry3wPDlJOwB_6C7cFhpvThgbsN9ejav80BEAEg5-nACWCViriCyAegAbmK34sCyAEJqQJW5zuMzUi0PqgDAcgDAqoE_wFP0BCDApOqxC1jD3ga7NtY3nlm5HjwkK7qawh4trojRH9Fp0yDJNYVdeL66BPVRMH28oyhd2Z8zTjZW8x_7t4xnFHRfbKI-QN4wBUEf9st0TZOjajwY0f-33RLY6t_vpXiMUbCMWIIfAIOU043sPlcO-dYI-OLgoMcrEyUvH_QDI0A8WLNY9oI_6Bbf2MzzoGuAxdyKeM3KKSv4zFf_TCkPEYUyLyPnma1olG5HLc1La1n49djBkr1iptZO8NOYOsFNnO8rJg_KCjiwJLiBg8u8giYqgIfWa8TNYDjMvNMCu0g2m83Jle8c_K5XtQelm0Hd7xZJKUDCR94a9B_IzDABOnE9e-jA5IFBAgEGAGSBQQIBRgEoAZdgAev9aD0AagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBD23gnSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItNzQ5MjMyMzc1ODIxMzk2NQ&sigh=qEHHzhhIkjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186318&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576287184&bpp=7&bdt=142&idt=128&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D20a3dbcfdaf52438-22090e1ef6c7006a%3AT%3D1619576286%3AS%3DALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ&correlator=4570452623641&frm=23&ife=4&pv=1&ga_vid=1016269126.1619576287&ga_sid=1619576287&ga_hid=1081897623&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2111&biw=1600&bih=1200&isw=728&ish=90&ifk=3341727983&scr_x=0&scr_y=0&eid=44741423%2C31060710%2C31060839&oid=3&pvsid=2998172431654948&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ylxf3hcp3uhe&btvi=1&fsb=1&dtd=147
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186318&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576287184&bpp=7&bdt=142&idt=128&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D20a3dbcfdaf52438-22090e1ef6c7006a%3AT%3D1619576286%3AS%3DALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ&correlator=4570452623641&frm=23&ife=4&pv=1&ga_vid=1016269126.1619576287&ga_sid=1619576287&ga_hid=1081897623&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2111&biw=1600&bih=1200&isw=728&ish=90&ifk=3341727983&scr_x=0&scr_y=0&eid=44741423%2C31060710%2C31060839&oid=3&pvsid=2998172431654948&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ylxf3hcp3uhe&btvi=1&fsb=1&dtd=147
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 28 Apr 2021 02:18:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8951 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186318&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576287184&bpp=7&bdt=142&idt=128&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D20a3dbcfdaf52438-22090e1ef6c7006a%3AT%3D1619576286%3AS%3DALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ&correlator=4570452623641&frm=23&ife=4&pv=1&ga_vid=1016269126.1619576287&ga_sid=1619576287&ga_hid=1081897623&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2111&biw=1600&bih=1200&isw=728&ish=90&ifk=3341727983&scr_x=0&scr_y=0&eid=44741423%2C31060710%2C31060839&oid=3&pvsid=2998172431654948&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ylxf3hcp3uhe&btvi=1&fsb=1&dtd=147
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186318&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576287184&bpp=7&bdt=142&idt=128&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D20a3dbcfdaf52438-22090e1ef6c7006a%3AT%3D1619576286%3AS%3DALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ&correlator=4570452623641&frm=23&ife=4&pv=1&ga_vid=1016269126.1619576287&ga_sid=1619576287&ga_hid=1081897623&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2111&biw=1600&bih=1200&isw=728&ish=90&ifk=3341727983&scr_x=0&scr_y=0&eid=44741423%2C31060710%2C31060839&oid=3&pvsid=2998172431654948&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ylxf3hcp3uhe&btvi=1&fsb=1&dtd=147
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl2K6qdZd-6sBZzI4BZyI_VHSgoKeHJWTbNvgpzGZq10jI0ZPgp166k3R2fn5o; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186318&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576287184&bpp=7&bdt=142&idt=128&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D20a3dbcfdaf52438-22090e1ef6c7006a%3AT%3D1619576286%3AS%3DALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ&correlator=4570452623641&frm=23&ife=4&pv=1&ga_vid=1016269126.1619576287&ga_sid=1619576287&ga_hid=1081897623&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2111&biw=1600&bih=1200&isw=728&ish=90&ifk=3341727983&scr_x=0&scr_y=0&eid=44741423%2C31060710%2C31060839&oid=3&pvsid=2998172431654948&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ylxf3hcp3uhe&btvi=1&fsb=1&dtd=147

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 28 Apr 2021 01:56:55 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1272
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 663A 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIyqrervn_ACFVr5dwodQ8oEdg&gqi=38WIYOzvFJPlgQf5o5rwDQ&layout=/sadbundle/%24csp%253Der3%24/13064758606153383936/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186318&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576287184&bpp=7&bdt=142&idt=128&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D20a3dbcfdaf52438-22090e1ef6c7006a%3AT%3D1619576286%3AS%3DALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ&correlator=4570452623641&frm=23&ife=4&pv=1&ga_vid=1016269126.1619576287&ga_sid=1619576287&ga_hid=1081897623&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2111&biw=1600&bih=1200&isw=728&ish=90&ifk=3341727983&scr_x=0&scr_y=0&eid=44741423%2C31060710%2C31060839&oid=3&pvsid=2998172431654948&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ylxf3hcp3uhe&btvi=1&fsb=1&dtd=147
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 663A 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a5a63d41ed04ef46d5a8e369dd990d8a49284e0531dce62c523698cb650f214

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
42980-200120.jpg
www.moneydj.com/ads/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/ads/images/42980-200120.jpg
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
ee8385a10a21c2b80d39740f73b3d682135ea61450e10f0fe9e178786838c8ae

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d; ASP.NET_SessionId=5fp2qbezeawiwg55nb3shb55; _td=1301c142-2838-45f2-9635-1750f164c1eb; __gads=ID=20a3dbcfdaf52438-22090e1ef6c7006a:T=1619576286:S=ALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:06 GMT
Cache-Control
max-age=604800
Last-Modified
Wed, 21 Apr 2021 02:41:17 GMT
Accept-Ranges
bytes
Content-Length
11329
Content-Type
image/jpeg
css
fonts.googleapis.com/ Frame 6D40 		2 KB
632 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Apr 2021 01:22:22 GMT
server
ESF
date
Wed, 28 Apr 2021 02:18:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Apr 2021 02:18:07 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6D40 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 17:09:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32922
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 28 Apr 2021 17:09:25 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6D40 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 23:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11226
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 28 Apr 2021 23:11:01 GMT
cdb
bidder.criteo.com/ Frame 2C50 		0
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=106&profileId=184&cb=68139009571
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://adx.doublemax.net
date
Wed, 28 Apr 2021 02:18:07 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
prebid.aspx
prebid.scupio.com/recweb/ Frame 2C50 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.6391868071290598
Requested by
Host: banner-cfnetwork.cdn.hinet.net
URL: https://banner-cfnetwork.cdn.hinet.net/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.34 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
29b3782189357c43599acf472dfb2918d89768afab8f5bcc86bac17c16665788

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://adx.doublemax.net
cache-control
private
access-control-allow-credentials
true
content-length
1228
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8951
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186318&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576287184&bpp=7&bdt=142&idt=128&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D20a3dbcfdaf52438-22090e1ef6c7006a%3AT%3D1619576286%3AS%3DALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ&correlator=4570452623641&frm=23&ife=4&pv=1&ga_vid=1016269126.1619576287&ga_sid=1619576287&ga_hid=1081897623&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2111&biw=1600&bih=1200&isw=728&ish=90&ifk=3341727983&scr_x=0&scr_y=0&eid=44741423%2C31060710%2C31060839&oid=3&pvsid=2998172431654948&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ylxf3hcp3uhe&btvi=1&fsb=1&dtd=147
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl2K6qdZd-6sBZzI4BZyI_VHSgoKeHJWTbNvgpzGZq10jI0ZPgp166k3R2fn5o; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 28 Apr 2021 02:18:07 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 28-Apr-2021 03:18:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 28 Apr 2021 02:18:07 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 28 Apr 2021 02:18:07 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 6D40 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 21:15:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
104567
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Tue, 26 Apr 2022 21:15:20 GMT
ziegler-teppich.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ Frame 6D40 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ziegler-teppich.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186318&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576287184&bpp=7&bdt=142&idt=128&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D20a3dbcfdaf52438-22090e1ef6c7006a%3AT%3D1619576286%3AS%3DALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ&correlator=4570452623641&frm=23&ife=4&pv=1&ga_vid=1016269126.1619576287&ga_sid=1619576287&ga_hid=1081897623&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2111&biw=1600&bih=1200&isw=728&ish=90&ifk=3341727983&scr_x=0&scr_y=0&eid=44741423%2C31060710%2C31060839&oid=3&pvsid=2998172431654948&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ylxf3hcp3uhe&btvi=1&fsb=1&dtd=147
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08ea8b5f827ea4d281efb2b160528f1f3c42ee6a3293effd59b371a92915acbc
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
470554
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37936
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 16:00:20 GMT
server
sffe
date
Thu, 22 Apr 2021 15:35:33 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 15:35:33 GMT
gabbeh-teppich.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ Frame 6D40 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/gabbeh-teppich.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186318&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576287184&bpp=7&bdt=142&idt=128&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D20a3dbcfdaf52438-22090e1ef6c7006a%3AT%3D1619576286%3AS%3DALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ&correlator=4570452623641&frm=23&ife=4&pv=1&ga_vid=1016269126.1619576287&ga_sid=1619576287&ga_hid=1081897623&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2111&biw=1600&bih=1200&isw=728&ish=90&ifk=3341727983&scr_x=0&scr_y=0&eid=44741423%2C31060710%2C31060839&oid=3&pvsid=2998172431654948&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ylxf3hcp3uhe&btvi=1&fsb=1&dtd=147
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd7e0f21fb756e7baf6c321c6a895710711a7dca6afa20ac2c7fc1f49ba401e9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
249560
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25417
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 16:00:20 GMT
server
sffe
date
Sun, 25 Apr 2021 04:58:47 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Apr 2022 04:58:47 GMT
cta_de.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ Frame 6D40 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/cta_de.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186318&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576287184&bpp=7&bdt=142&idt=128&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D20a3dbcfdaf52438-22090e1ef6c7006a%3AT%3D1619576286%3AS%3DALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ&correlator=4570452623641&frm=23&ife=4&pv=1&ga_vid=1016269126.1619576287&ga_sid=1619576287&ga_hid=1081897623&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2111&biw=1600&bih=1200&isw=728&ish=90&ifk=3341727983&scr_x=0&scr_y=0&eid=44741423%2C31060710%2C31060839&oid=3&pvsid=2998172431654948&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ylxf3hcp3uhe&btvi=1&fsb=1&dtd=147
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
480caf8d247b71c562b2f2e63c824fbcc81d5b07861a752c4db9ff270bb16e2e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
93675
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1657
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 16:00:20 GMT
server
sffe
date
Tue, 27 Apr 2021 00:16:52 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 00:16:52 GMT
keshan_teppich.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ Frame 6D40 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/keshan_teppich.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186318&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576287184&bpp=7&bdt=142&idt=128&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D20a3dbcfdaf52438-22090e1ef6c7006a%3AT%3D1619576286%3AS%3DALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ&correlator=4570452623641&frm=23&ife=4&pv=1&ga_vid=1016269126.1619576287&ga_sid=1619576287&ga_hid=1081897623&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2111&biw=1600&bih=1200&isw=728&ish=90&ifk=3341727983&scr_x=0&scr_y=0&eid=44741423%2C31060710%2C31060839&oid=3&pvsid=2998172431654948&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ylxf3hcp3uhe&btvi=1&fsb=1&dtd=147
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cd810c7b0062ca026e5f21f80ff89d6f08e1a6736c7601c34bf2b640d664e96
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
470036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46623
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 16:00:20 GMT
server
sffe
date
Thu, 22 Apr 2021 15:44:11 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 15:44:11 GMT
logo-nain.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ Frame 6D40 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/logo-nain.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7492323758213965&output=html&h=90&slotname=4695839166&adk=1198644947&adf=776186318&pi=t.ma~as.4695839166&w=728&psa=0&format=728x90&url=https%3A%2F%2Fwww.moneydj.com%2Fkmdj%2Fnews%2Fnewsviewer.aspx%3Fa%3D8a977847-970b-48b2-b188-fbf10b1b2128&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576287184&bpp=7&bdt=142&idt=128&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D20a3dbcfdaf52438-22090e1ef6c7006a%3AT%3D1619576286%3AS%3DALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ&correlator=4570452623641&frm=23&ife=4&pv=1&ga_vid=1016269126.1619576287&ga_sid=1619576287&ga_hid=1081897623&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2111&biw=1600&bih=1200&isw=728&ish=90&ifk=3341727983&scr_x=0&scr_y=0&eid=44741423%2C31060710%2C31060839&oid=3&pvsid=2998172431654948&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ylxf3hcp3uhe&btvi=1&fsb=1&dtd=147
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f048e73e39dfe007152d73f23869d3645ebb5ad4083e0261a5d00b77492ce63
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
86118
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5957
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 16:00:20 GMT
server
sffe
date
Tue, 27 Apr 2021 02:22:49 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 02:22:49 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8A74 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgafwLHv6fYI0-tKs7mvyNTQf4RU-Ww-BbGMBHuoaMW2WOnsGSgbC6jSTIWoGvhHmBVWpr6DCnGKB7hRyJyjm6-PbNok8YyHZOwtq8Q0CKo1tJL9LBigHAbfx42qsJXJj98G6ngmV7fgSKoryKZVbsGS8qkuVF6YEcgH4LRqqT06VuC-2W_QZD1ykb_GpbVZk3PbeSAS9jTWLftrDg2fgw8TSBKrzMQFVCStIQXGYkBO5lOmJTbjQlQQbUWRPw6C1gZQrLh5KEe0-IYEzI2othXvEiypBrPs1WPDbBkSSI5RzbydQ2oExiQf_7&sai=AMfl-YQeisAFL39M9TjUiht_s-O0jgqirmwGej44-FrJcGKRg5WDWu-d56Izwdlz_5BZAvjkDUVlaU4ACDBkm2OqRUx28OncdXbhskxic3frPuIVRlKM7rBYuQIeDq6iwig&sig=Cg0ArKJSzBeWb7uUZoWxEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 02:18:07 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8A74 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210426&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7492323758213965&plah=www.moneydj.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c17e8dd3d45eac95f0f13efe03628e195ebce435092158aa6617c6627675e700
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6980
x-xss-protection
0
truncated
/ Frame 6D40 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
logo-nain.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ Frame 6D40 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/logo-nain.jpg
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f048e73e39dfe007152d73f23869d3645ebb5ad4083e0261a5d00b77492ce63
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
86118
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5957
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 16:00:20 GMT
server
sffe
date
Tue, 27 Apr 2021 02:22:49 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 02:22:49 GMT
keshan_teppich.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ Frame 6D40 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/keshan_teppich.png
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cd810c7b0062ca026e5f21f80ff89d6f08e1a6736c7601c34bf2b640d664e96
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
470036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46623
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 16:00:20 GMT
server
sffe
date
Thu, 22 Apr 2021 15:44:11 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 15:44:11 GMT
cta_de.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ Frame 6D40 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/cta_de.svg
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
480caf8d247b71c562b2f2e63c824fbcc81d5b07861a752c4db9ff270bb16e2e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
93675
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1657
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 16:00:20 GMT
server
sffe
date
Tue, 27 Apr 2021 00:16:52 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 00:16:52 GMT
gabbeh-teppich.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ Frame 6D40 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/gabbeh-teppich.jpg
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd7e0f21fb756e7baf6c321c6a895710711a7dca6afa20ac2c7fc1f49ba401e9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
249560
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25417
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 16:00:20 GMT
server
sffe
date
Sun, 25 Apr 2021 04:58:47 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Apr 2022 04:58:47 GMT
ziegler-teppich.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ Frame 6D40 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13064758606153383936/ziegler-teppich.jpg
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08ea8b5f827ea4d281efb2b160528f1f3c42ee6a3293effd59b371a92915acbc
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
470554
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37936
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 16:00:20 GMT
server
sffe
date
Thu, 22 Apr 2021 15:35:33 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 15:35:33 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8A74 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7492323758213965&plah=www.moneydj.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:08 GMT
events
bidder.criteo.com/csm/ Frame 2C50 		0
147 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://adx.doublemax.net
date
Wed, 28 Apr 2021 02:18:08 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 2C50 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 23 Apr 2022 02:18:08 GMT
pixel.gif
static.criteo.net/images/ Frame 2C50 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 23 Apr 2022 02:18:08 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame E413
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
38 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e81e7d122d75e0486ccb69b6d44018119dd64ede682d1af8ff54a4211ee57c9

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6906
content-length
39313
cf-request-id
09b7de0c830000c29fdfa58000000001
last-modified
Fri, 23 Apr 2021 08:06:21 GMT
server
cloudflare
etag
"60827ffd-9991"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T%2FukoxbenVbcW%2FqQkli9D191Lwlv9%2F55HI6XKJ5rIXPK%2FpA8LYiPJRRFPjUzVop2lQf0QmV9CFmzEN4sxw0Pfv%2Fxz1Tzb%2Fqq%2BABMX3Q8MCppKiLm4NYiSFQb3pQ%3D"}],"max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
646ccc5a6bd1c29f-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
cht_cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame F3BE 		807 B
708 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678

Request headers

:method
GET
:authority
cdn.aralego.net
:scheme
https
:path
/ucfad/cookie/cht_cookieSyncIframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adx.doublemax.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adx.doublemax.net/

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
content-type
text/html
set-cookie
__cfduid=d92dda49c9a09ca7c89103e064cbf4ba21619576288; expires=Fri, 28-May-21 02:18:08 GMT; path=/; domain=.aralego.net; HttpOnly; SameSite=Lax
last-modified
Tue, 11 Aug 2020 08:15:02 GMT
access-control-allow-credentials
true
cache-control
max-age=14400
cf-cache-status
HIT
age
2053
cf-request-id
09b7de0b1c0000c29ff298f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OMRbo39T1vxTbkX01j97nS9ETsfiyPoItkkRy6IeC1OynCQq0o%2FntYFqhYTvb%2FkyPiMdK9avvd19kNrjzq14FBaTeXZta1jiacbZC80AFB2NABFbZUBiHurKuVE%3D"}],"max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
646ccc582a5bc29f-FRA
content-encoding
br
sync
odr.mookie1.com/t/v2/ Frame 8031
Redirect Chain
  • https://sync.aralego.com/idsync
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-5gvO80xE2oU0dfBeo59swZCxmzfDlXdRw6ESMvE-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=c7a7cd14-5e2b-4f66-9c9d-d73cb700982a
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-5gvO80xE2oU0dfBeo59swZCxmzfDlXdRw6ESMvE-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=c7a7cd14-5e2b-4f66-9c9d-d73cb700982a
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-opTIp19E2oUHCUcBAecfZX07zlzlXrwNkxeZcCg-~A&redirect=
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=f0d79a70-c676-377b-bbe4-4acc550a180c&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=ucfunnel&user_id=f0d79a70-c676-377b-bbe4-4acc550a180c&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=247bc810-c3c6-4272-bc7d-dd03b9d598e9&ssp=ucfunnel&gdpr=0&gdpr_consent=
43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=247bc810-c3c6-4272-bc7d-dd03b9d598e9&ssp=ucfunnel&gdpr=0&gdpr_consent=
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:11 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=247bc810-c3c6-4272-bc7d-dd03b9d598e9&ssp=ucfunnel&gdpr=0&gdpr_consent=
date
Wed, 28 Apr 2021 02:18:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 77A3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210426&jk=3524611513505430&bg=!-vml-b3NAAZLnZBaS507ACkAdvg8WvA5oHzhbhaIttP4qww35ahFvlenA4TOs2R1eJZAPplACTtuYwIAAADhUgAAAB1oAQcKAHJHcQ1fFJo2nt3JVyQQNgmlt2P8zoj7ZVPXnZoVfF0g1kMwWVQZLrhNljHj_eeTx9-YPoK-ITJFQ5LL-EPEL5vh8GjHc8YAFA_s0HmC_G3D9FYygDRjGqNIaMd_afELvBA7Uh6Dr0ybSaj8j3_sphK6GLqZAiuDvwC964C2r8TyHnBRguKty71--DDG8kFYeTOVKbnenBJVr_XYzjGM6QpuwPKerPPgRO9z5B6xk2qsfah78ngtfYow4jsfJ6gcQgLT_Zk0wYH-mEavPezfECpow7762Vue-LGX2Yi-UHNV48KF11UQuKQTmwx54XOgjsU9HMrlyf6Rbx4IEYB-EIDHzV3sRuOIhXHfIOna_z0SZ2VrL8B-R2ii2Lt6nDZRQXg1pAYyfG24PbU8BI4YLodXKO2BTRJwWsqKuLjmNn7g3VJQzxFMfgIDZ-zqoVP9YTyvKbbalo7EDGpzeBmi9oSXpOSvilkSXT0GQdO_SYitp1_sohVBvLFvXzKS5mVIDOJ2cXFfxEdHmICjkoolwgR0LZBZAc_ZF1BVxPbJikKz6oLdU2yAuYZZgUFCEMlIVvPynjwTocydlqNlVs_J759c3zIwnnapAtd9RmCZB9uweyGXUyETVfLxcuAdR529TVQ5zgxmvVBvVpnNtxJevL-ftH7dxuuydqEZuspxyBXv3VYVLCrE2ltMuP2e5qVpPbbcKlta1rFpq3XglVJtKTKfvtKFDaFYdE_0ZJMAfn3eh3r8WkVT1wJe9iYjhVWpQ9uwzj1WTUzuMQ3Sje_sZvyxLip5wQxtAyb90QAmS-oF5CElC9ZuB8gEv3ubo9aQaQT6g8UAgJACIr8ZILRn7TQuwR9R36xlEkoQl09-aKYiIFEsXL2DUsEMTSTxg1Oqv-0
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 6563 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.moneydj.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.moneydj.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 27 Apr 2021 23:30:56 GMT
expires
Wed, 27 Apr 2022 23:30:56 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10032
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Cookie set jquery.qkpopup.js
www.moneydj.com/funddj/ad/qk/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.moneydj.com/funddj/ad/qk/js/jquery.qkpopup.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XBJJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
be5e1bb54a9c2bc90c59bbb19dc9a43b3dc1e666f7bb0594c1f3939783c2d5f0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d; ASP.NET_SessionId=5fp2qbezeawiwg55nb3shb55; _td=1301c142-2838-45f2-9635-1750f164c1eb; __gads=ID=20a3dbcfdaf52438-22090e1ef6c7006a:T=1619576286:S=ALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Dec 2019 08:02:45 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Set-Cookie
USER=; path=/
Accept-Ranges
bytes
Content-Length
4279
init.js
cdn.holmesmind.com/js/ Frame 9288 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ba00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47cca155305638f12c5e191dc08aeb4253b62263fab7f3ac49bdc3002dc661e0

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:17:42 GMT
via
1.1 f358cf5f46d10c349187abd5e20e06cf.cloudfront.net (CloudFront)
last-modified
Tue, 16 Mar 2021 09:35:51 GMT
server
AmazonS3
age
79
etag
"fcc536473734c006770cfb309e523fb4"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
6507
x-amz-cf-id
v3aOzpfZ9oHvSS0xTnbwE9X_cePDY0lx9zMC9ggOBRug8Hu6SkWlqg==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame F3BE 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
72c07f7143a03da5c551e7f27b38e6283adde0977d9627c49b1ac862372b6eb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"855 / 922 of 1000 / last-modified: 1619561335"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21058
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:08 GMT
cm.php
fcm.holmesmind.com/ Frame 4DAB 		568 B
592 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
fda13765489ea484eb7f3d1a8c71ab1e6ac6ef976ea0cf5976f38000d40ea4ec

Request headers

:method
GET
:authority
fcm.holmesmind.com
:scheme
https
:path
/cm.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adx.doublemax.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
Vision=20210428-23:59,20210428-13,20210428-13,20210428-23:59; C=null; RK=null; P=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adx.doublemax.net/

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
server
Apache/2.4.29 (Ubuntu)
set-cookie
fcm=1; expires=Thu, 29-Apr-2021 02:18:08 GMT; Max-Age=86400; path=/; domain=.holmesmind.com
vary
Accept-Encoding
content-encoding
gzip
content-length
383
content-type
text/html; charset=UTF-8
via
1.1 google
alt-svc
clear
capmapping.htm
cdn.holmesmind.com/js/ Frame F9FB 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ba00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d923d819ca2ff5b300761f494357861e57fa2f1ce9a9e1597147196887452ee

Request headers

:method
GET
:authority
cdn.holmesmind.com
:scheme
https
:path
/js/capmapping.htm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adx.doublemax.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
Vision=20210428-23:59,20210428-13,20210428-13,20210428-23:59; C=null; RK=null; P=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adx.doublemax.net/

Response headers

content-type
text/html
content-length
6245
last-modified
Fri, 12 Mar 2021 02:32:17 GMT
accept-ranges
bytes
server
AmazonS3
date
Wed, 28 Apr 2021 02:18:03 GMT
etag
"eafbd15dcbf67ea2b8cfadd2d92f78f8"
x-cache
Hit from cloudfront
via
1.1 f358cf5f46d10c349187abd5e20e06cf.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
sm-HfzgIZsc_XlCWJLFSbWF99TXFerO8G6_bbzd-xfkwEoXla4S0zw==
age
9
edmp_init.js
banner-cfnetwork.cdn.hinet.net/js/ Frame 9288 		662 B
628 B 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.61.218.12 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
via
1.1 4e7b30670ccb8a3f3101333ef882f9b0.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
HiNetCDN/2104
x-amz-cf-pop
TPE51-C1
etag
W/"f58f8a90686f8ffb3325107e8a788b71"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
content-encoding
br
x-amz-cf-id
uBiZJTJeyVSL6HU2XWG8F_oOUfJ7b0vzD2wB_kzRo67dqTQ_1b838w==
x-request-id
946ac1598784a36e076a6c02c64ab802
google_mapping_init.js
cdn.holmesmind.com/js/ Frame 9288 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/google_mapping_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ba00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0f9d12ccb4d71455e76a3f7a47dbf3874b4e96c54219d7c3756affcc40d770f

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:17:42 GMT
via
1.1 f358cf5f46d10c349187abd5e20e06cf.cloudfront.net (CloudFront)
last-modified
Mon, 15 Mar 2021 05:11:36 GMT
server
AmazonS3
age
78
etag
"ecc7750ee9369dfb2865df8de920fc09"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
5374
x-amz-cf-id
uwK8mF-IjCVeALqHgEi9tu2eCOziTEA3wFxjHEwsvv84wfsqPJT1Qw==
presetfn.js
cdn.holmesmind.com/js/ Frame 72EC 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ba00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cfdedced9922001dd8f57a9f6895fc98c2a4f3be61657f85d5e02833e2ac3f88

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:17:42 GMT
via
1.1 f358cf5f46d10c349187abd5e20e06cf.cloudfront.net (CloudFront)
last-modified
Wed, 21 Apr 2021 05:36:32 GMT
server
AmazonS3
age
78
etag
"672091ca2d6fa2dabbc79e0cae663482"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
3929
x-amz-cf-id
jFjlGTTKzFfRHCPWMeyvMl28-Z6SPIjVanH7K-iBS851HuJPDHHr1Q==
cm
c.holmesmind.com/ Frame 9288 		0
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x250_NewsRight.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
clear
content-type
text/html; charset=UTF-8
-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js
pagead2.googlesyndication.com/bg/ Frame 6563 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 23:29:18 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
355730
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5672
x-xss-protection
0
expires
Sat, 23 Apr 2022 23:29:18 GMT
cm
c.holmesmind.com/ Frame F9FB 		0
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
clear
content-type
text/html; charset=UTF-8
/
cm.lndata.com/ Frame F9FB 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:08 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Content-Type
image/gif
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cm
t.ssp.hinet.net/ Frame F9FB
Redirect Chain
  • https://t.ssp.hinet.net/cm?c=cf&ref=https%3A%2F%2Fcdn.holmesmind.com%2Fjs%2Fcapmapping.htm&cid=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq
  • https://t.ssp.hinet.net/?next=https%3A%2F%2Ft.ssp.hinet.net%2Fcm%3Fc%3Dcf%26cid%3D332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq%26ref%3Dhttps%253A%252F%252Fcdn.holmesmind.com%252Fjs%252Fcapmapping.htm%26...
  • https://t.ssp.hinet.net/cm?c=cf&cid=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq&ref=https%3A%2F%2Fcdn.holmesmind.com%2Fjs%2Fcapmapping.htm&flag=1
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq&ref=https%3A%2F%2Fcdn.holmesmind.com%2Fjs%2Fcapmapping.htm&flag=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.HINET-IP.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
cache-control
no-cache, private
server
nginx
strict-transport-security
max-age=0
content-type
image/png

Redirect headers

location
https://t.ssp.hinet.net/cm?c=cf&cid=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq&ref=https%3A%2F%2Fcdn.holmesmind.com%2Fjs%2Fcapmapping.htm&flag=1
date
Wed, 28 Apr 2021 02:18:09 GMT
cache-control
no-cache, private
server
nginx
strict-transport-security
max-age=0
content-type
text/html; charset=UTF-8
Preset.js
adcdn.holmesmind.com/adserver/ Frame 72EC 		992 B
709 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=10623
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a600:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2c47ec141c8b4fc1e0889efffd2deacb7bd6329bbf84826a12cb3821a95e2336

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:16:04 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
age
124
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://adx.doublemax.net
access-control-allow-credentials
true
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
P0DBjoUO5LjPOPcBXAj7S1x8RhzAqicLe-YL-qzGkWxc3N97cfLp1w==
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
ads.js
ad.holmesmind.com/adserver/ Frame 72EC 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=10623&rf=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2FTurn%2FCF-300x250_NewsRight.html&n=447&o=1&d=1&b=2&ts=1&ii=2&FPCK=427-0qKvqF8KVHsmCcMladoIh0k2iKS9y6zy
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.71.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7e924a5af1164b6ffe09c2c9c69d3381a795c48bf83571d2dc903238bfd6e7c8

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://adx.doublemax.net
date
Wed, 28 Apr 2021 02:18:08 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
banner-cfnetwork.cdn.hinet.net/js/ Frame 72EC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.61.218.12 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
via
1.1 361dd7903f81f9843925fcf6d0c05bbd.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
HiNetCDN/2104
x-amz-cf-pop
TPE50-C1
etag
W/"6a605eea47197fa280f27aaf1fa1521d"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
content-encoding
br
x-amz-cf-id
UQNiqPBWnRuQfDx3sr03lIOQesLTwTc_KRyCvZpR5VhXT1mbgIDLtA==
x-request-id
831e65758a870e07cddbf74769be10b8
publishertag.js
static.criteo.net/js/ld/ Frame 72EC 		114 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:29 GMT
server
nginx
etag
W/"605322dd-1c9d1"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Apr 2021 02:18:08 GMT
criteoV2.js
banner-cfnetwork.cdn.hinet.net/js/ Frame 72EC 		2 KB
958 B 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.61.218.12 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
via
1.1 8c13747cfbdbd8f1bb0156074cd7a969.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
HiNetCDN/2104
x-amz-cf-pop
TPE51-C1
etag
W/"e8f33fcb581483ced4a09b3c8e7550e4"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
content-encoding
br
x-amz-cf-id
rlBygXvBQz1HjKV-NsXIG5SvZU-iXfqLHN7c8hZR3dmQ4B43Ncp9kw==
x-request-id
03489f877ccee3a3cb75fefb7dca9d50
bridgewellV3.js
banner-cfnetwork.cdn.hinet.net/js/ Frame 72EC 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.61.218.12 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
via
1.1 7570f485f03bad71f82f7f4b41147dca.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
HiNetCDN/2104
age
33
etag
W/"c3b948e5a48dd0ec20c265d6d8da7add"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
x-amz-cf-pop
TPE50-C1
content-encoding
br
x-amz-cf-id
fBVlmi_Lk4RyKAPJ-YafAvr9YuajbTUhDwf-cCshSWqu_bJFgQz9_Q==
x-request-id
6390b028653856d41978aaf459876438
appierV2.js
banner-cfnetwork.cdn.hinet.net/js/ Frame 72EC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.61.218.12 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
via
1.1 b1e98d6f23bf8312e5a34847053352cc.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
HiNetCDN/2104
age
34
etag
W/"548ed610a8571343fb3022f543174735"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
x-amz-cf-pop
TPE51-C1
content-encoding
br
x-amz-cf-id
V6DshkijstfzesKZiYE1BOrWSfu178pAdlqpDZX13PSY4PfN0hqF8w==
x-request-id
6c5ff60da4bca23da9c912746d424ded
appier_mainV3.js
banner-cfnetwork.cdn.hinet.net/js/ Frame 72EC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.61.218.12 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
f443a34f019986fc0949e5f4993c6f400337ba74f296ece6fc7e667fd411f92c

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
via
1.1 f6850e35751498c1e3b732475b1f4da5.cloudfront.net (CloudFront)
last-modified
Mon, 01 Feb 2021 03:25:47 GMT
server
HiNetCDN/2104
x-amz-cf-pop
TPE51-C1
etag
W/"2dd28f3fa27f42668b8859c537099414"
vary
Accept-Encoding
x-cache
EXPIRED, HIT
content-type
application/javascript
content-encoding
br
x-amz-cf-id
2A3xzuJs74EwWVM8N6g7HujG47b-cy9t_6OXPuwnBb62WHoVxmp8jw==
x-request-id
1774859f21130b75b631a26d35b2eac5
pubads_impl_2021042201.js
securepubads.g.doubleclick.net/gpt/ Frame F3BE 		301 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
f9f40e5aa6d80e385e5c15593748db7bfb50fd07cc45c8239a6fad053f63affe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 08:39:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108299
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:08 GMT
syncframe
gum.criteo.com/ Frame 202A 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.moneydj.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.moneydj.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adx.doublemax.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adx.doublemax.net/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
3222
date
Wed, 28 Apr 2021 02:18:07 GMT
content-length
0
2.js
banner-cfnetwork.cdn.hinet.net/js/tmp2/ Frame 2C50 		866 B
605 B 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/tmp2/2.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.61.218.12 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
1460db1c4f8ed6ce0246518780239ed21a79d4274e1fd4dd50d9acb7c3bb2829

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
via
1.1 41d758bee13953e753f6df8ad516691e.cloudfront.net (CloudFront)
last-modified
Tue, 23 Mar 2021 08:12:41 GMT
server
HiNetCDN/2104
x-amz-cf-pop
TPE50-C1
etag
W/"5ce48a368c337a2bec8479256f06f4e2"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
content-encoding
br
x-amz-cf-id
nQ4LDgKcVRHYo3tBNddhzHsdTFRPwWG3kcptIiTUG7HefvrkGVvgWA==
x-request-id
a571ce75b960cf6d5c6b9fd5b11d11c6
activeview
pagead2.googlesyndication.com/pcs/ Frame 557D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWwunwP7jzogRfXjkh2wdgaxAxkb6Yv3Ga9l77mXmjTj8vHCxDf0abd0z7rSpx7paVphMiNc9vBQ9LLC30koFDjoDxY1HPLQ&sig=Cg0ArKJSzBxsBy6PG3yIEAE&cid=CAASF-RovEdo6rh6lJp8u7VtDV76u-eyZFZT&id=lidar2&mcvt=1005&p=253,987,503,1287&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20210423&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2064055290&rs=2&met=ie&la=0&cr=0&osd=1&vs=4&rst=1619576286696&dlt=276&rpt=2&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.ch/adsid/ Frame F3BE 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F3BE 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F3BE 		330 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1032070054999490&correlator=303537949734336&output=ldjh&impl=fifs&eid=31060841&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cdm=cdn.aralego.net&bc=31&abxe=1&lmt=1597133702&dt=1619576288292&dlt=1619576288072&idt=202&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=64515409&ucis=k4879grgc42k&ifi=1&ifk=923963767&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2Fcht_cookieSyncIframe.html&ref=https%3A%2F%2Fadx.doublemax.net%2F&top=https%3A%2F%2Fadx.doublemax.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=21324624.1619576288&ga_sid=1619576288&ga_hid=1070552202&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
b6706e124a0a136eaf31540bbe1682073cf43cd947aea6e551b999a927b2c1c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0a8774b85665cee7386fd9954e38dbde.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F3BE 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://0a8774b85665cee7386fd9954e38dbde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame F3BE 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
fbevents.js
connect.facebook.net/en_US/ Frame 4DAB 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: fcm.holmesmind.com
URL: https://fcm.holmesmind.com/cm.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://fcm.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23961
x-fb-rlafr
0
pragma
public
x-fb-debug
a/uqFXfm9z+V6dd6s3nCKQmvMBM2qS0sQKbHmT4V+S0WQXauM03O77SlJM5YRXKAfLj7/SjtPTa4IBtb2WD9wQ==
x-fb-trip-id
512678718
x-frame-options
DENY
date
Wed, 28 Apr 2021 02:18:08 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F3BE 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49e19dedfbc2eea434d41e36a3d5d83c818febd47a931c1a79f8fecfe264f646
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7055
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A74 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210426&jk=2998172431654948&bg=!7u2l7anNAAZLnZBaS507ACkAdvg8Wl9pPO2DzBLt2RREBflaV4zSTPqH-jFnPx-t32kDhOernKDEDwIAAACoUgAAAA5oAQcKAHGU7r4bfSq1phZVI5XAta17mdMe89g2N62dpXXRgVhM1aOeu0Zyt0kbRy7Ns1HYqQTV1Lxc9FXpCimJHDMdSM6DzsgoGKexlW9TNS7YHoisRh0hA-xF3CagUVkBEaC_q7ZEi9IX5uD1vwBYOSMuKA6BSpkCMcRMypRsHwi6NCI2u1kNOBOhFNmq8dVU7rBAgu-Yrkez71SBYARKqL3VBVPk6nNqX4KuGB7s_4rgT5Nf69ND76DSW5qZOsZClHqamNfe2-Z64i2EfVfobKqxfp-vG8wHEk84wH9dDoibQ18A8jyO0IvsQfHP1WB5vRcNs_JKR5J-yMzzvzYmAZBRAHJoVF7jpegHuOBLAmvGoMEu24TJtcqkrgm4dRveAbfQe39BVkH_S84JV2xQkaAomxLAQXp6ILEHLoLFUDkSCBL-iVqa2u24UcA6FrMbTfKQB7QPN2f_5YA0KdfrNBaKN85jIgWbm54smavYPcJP5A0M292vP2cC1odu5qfnkY2uPb1H2FjEAFoGOMlmFqZ_4T7DDSYvLTI-oT_KrGf132WB8hJ0ih8QRxaN7dtdWg7Hc16i3SzN2lsWH8QIt_dhFDfM-uztf305nT95PScqQyOgerkWHe4RwxRNg7O0ODAGGi3f3DYrdfP9J1MiHRD3SQBfW9JuJD2nmLq2Roe8dSZ4zWsRo40ZPov2-jSGIUFQgEvTH-jMiyh-5zi7dt3slQVfduuCkmeZW1G-17MoUSy5E-tVkw7OGFEM8sAwwsGmrqtV7yA-UNeMVgEHqncF-RYVPZ21DjiP6GWZR9Cka4SOu5C43ZSaUUEOmQ4doEysbCqqADdQUiuO8AD7qNDaz8g3kSP9o_hUfAjoqv6OKex-JqerwR0gzKOJ6syurXieQD4EoY2ipA
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F3BE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:08 GMT
Cookie set popup-close.gif
www.moneydj.com/funddj/ad/qk/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.moneydj.com/funddj/ad/qk/images/popup-close.gif
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.66.210.14 Taichung, Taiwan, ASN4780 (SEEDNET Digital United Inc., TW),
Reverse DNS
h14-210-66-210.seed.net.tw
Software
/
Resource Hash
bf9fc023ec6b3b8c22ce8ef08b7514527360ae5f75578bdeded5d4b420dd773f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.moneydj.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Cookie
USER=; _ss_pp_id=db0211a808d6cb24be01619569085454; djaid=1.5a66aaa9-a210-4683-84d3-82461fdef0c7.1619576285.1039206186.0.0.cb35d; ASP.NET_SessionId=5fp2qbezeawiwg55nb3shb55; _td=1301c142-2838-45f2-9635-1750f164c1eb; __gads=ID=20a3dbcfdaf52438-22090e1ef6c7006a:T=1619576286:S=ALNI_MZkDm-4oh3csDP72XRUzkGAP-uSOQ
Connection
keep-alive
Referer
https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:07 GMT
Cache-Control
max-age=604800
Last-Modified
Mon, 05 Jan 2015 10:21:15 GMT
Set-Cookie
USER=; path=/
Accept-Ranges
bytes
Content-Length
1229
Content-Type
image/gif
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame E413 		975 B
614 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3069
cf-polished
origSize=1191
cf-request-id
09b7de0cae0000c29fc2b3d000000001
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l4zx%2BwettoUu7rKzIZUYOsIR2b6e5ArjD9fy43ApGGzjf6eCl6FRKLOvvez5XFZL%2BQpfJ4chdgk%2FSoaGQtxUtbhAZyDJi%2B8fPMnJSl1lSM97edwnSo4OOeLuh6Q%3D"}],"max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
646ccc5abc01c29f-FRA
cf-bgj
minify
idRequest
sync.aralego.com/ Frame E413 		46 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Hyattsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
fa1b381fe26c30d1f677deab4833105d8b1cefab157c31c96cfe37c4f2c7262c

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://adx.doublemax.net
access-control-allow-credentials
true
connection
close
content-length
46
ad_request
ads.aralego.com/ Frame E413 		378 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.doublemax.net&u=https%3A%2F%2Fwww.moneydj.com%2F&xr=1&adid=ad-AA7A84E7EB39B289F8D2962878379882&w=300&h=600&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.3454448535768355&ao=https%3A%2F%2Fwww.moneydj.com
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
c83806ab124918e7d513b5c1688eb33e72eb5123bfebf94c7351d9b96efda642

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:09 GMT
X-Width
300
X-Height
600
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://adx.doublemax.net
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-SspId
f0d79a70-c676-377b-bbe4-4acc550a180c
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
378
X-AdStyle
banner
X-Adtype
html
av
ad.holmesmind.com/adserver/ Frame 2C50 		0
152 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/av?p=10846:9281:24506:693de5234c58e1209c5aa9d5c1c62975:2256&type=0
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.71.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame 0A9A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVytbXsTODEmoUR-JxHLUdSqeT_G0XTY0XfGxwCYPtqjmUB16J1TX5elZ1Bh6JB_ihuSSzSX8tmrjkcdEeP-lRHoigGL_D5ZkVLuL1Ki6Vd39NvkLrSnfLhVeIggqlP50GYOtiUlwwrIzZW2cgFJRDh2i_MJiurompQwyzhNgOVkjmSEf7gdFsblhS5regNO2jS0QrENSoit8tGocKQHsnY2M4s7AivyqaQj-mKJ5hs1ynZJQemJbak5C3AiCqM7rqL-0aW9gwiTW1NnbXKrysi8shI3vgFp6phsAvj-8cAiUo6ClFwsu1gQ8&sai=AMfl-YTGp_svXcqr3AkX8LiK-k7mJjTmnmUJZKbpd3ORNAM0A7-ogaNN5Esoixi5w-7naQg4TLLY5eiAuOc6dbJ_lq2bu0kgAVknh8PuS1FfPaHvHiYeyrTK1ajCOxboaeQ&sig=Cg0ArKJSzJvBo_bfGAcYEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 02:18:08 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0A9A 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210426&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=www.moneydj.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9445e397b974f431b4f90511551a0ce3986a16ea9076361e5bd58ca3086df069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6936
x-xss-protection
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 72EC 		0
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: banner-cfnetwork.cdn.hinet.net
URL: https://banner-cfnetwork.cdn.hinet.net/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://adx.doublemax.net
date
Wed, 28 Apr 2021 02:18:09 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 72EC 		0
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=106&profileId=184&cb=50407513126
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://adx.doublemax.net
date
Wed, 28 Apr 2021 02:18:07 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
prebid.aspx
prebid.scupio.com/recweb/ Frame 72EC 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8805559184114993
Requested by
Host: banner-cfnetwork.cdn.hinet.net
URL: https://banner-cfnetwork.cdn.hinet.net/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.34 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
43e9b31fcde2e99075a1313abc35b1c513cfeea8b59a49c293eb216447bff01d

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://adx.doublemax.net
cache-control
private
access-control-allow-credentials
true
content-length
1224
drawV2.js
cdn.holmesmind.com/js/ Frame 72EC 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=10623&rf=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2FTurn%2FCF-300x250_NewsRight.html&n=447&o=1&d=1&b=2&ts=1&ii=2&FPCK=427-0qKvqF8KVHsmCcMladoIh0k2iKS9y6zy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ba00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:17:43 GMT
via
1.1 f358cf5f46d10c349187abd5e20e06cf.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
age
45
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
10359
x-amz-cf-id
791LAB7MkYRlX9FB83HlZeZAUtBRHGoe8Sg6wODOMWAlLquAOhhePw==
bid
ad2.apx.appier.net/v1/prebid/ Frame 72EC 		0
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 72EC 		0
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 7391 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn.aralego.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn.aralego.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 27 Apr 2021 23:30:56 GMT
expires
Wed, 27 Apr 2022 23:30:56 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10032
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
chtmp.php
ccm.holmesmind.com/ Frame 9288 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq%26SID%3D31489%26Tags%3D2004%2C2003%2C2002
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x250_NewsRight.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.115.39.7 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://adx.doublemax.net
date
Wed, 28 Apr 2021 02:18:09 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 9288 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq%26SID%3D20694%26Tags%3D2008%2C2007%2C2003%2C2002%2C2001
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x250_NewsRight.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.115.39.7 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://adx.doublemax.net
date
Wed, 28 Apr 2021 02:18:09 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 9288 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq%26SID%3D31515%26Tags%3D2200%2C2198%2C2196%2C2194%2C2192%2C2190%2C2188%2C2186%2C2184%2C2182%2C2180%2C2178%2C2176%2C2174%2C2133
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x250_NewsRight.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.115.39.7 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://adx.doublemax.net
date
Wed, 28 Apr 2021 02:18:09 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 9288 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq%26SID%3D25299%26Tags%3D2008%2C2007%2C2002%2C2001
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x250_NewsRight.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.115.39.7 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://adx.doublemax.net
date
Wed, 28 Apr 2021 02:18:09 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 9288 		0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq%26SID%3D28173%26Tags%3D2008%2C2007%2C2006%2C2005%2C2004%2C2401%2C2420
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x250_NewsRight.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.115.39.7 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://adx.doublemax.net
date
Wed, 28 Apr 2021 02:18:09 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 9288 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq%26SID%3D28172%26Tags%3D2008%2C2007%2C2006%2C2005%2C2004%2C2401%2C2420
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x250_NewsRight.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.115.39.7 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://adx.doublemax.net
date
Wed, 28 Apr 2021 02:18:09 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 9288 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq%26SID%3D31376%26Tags%3D3121%2C3073%2C3283%2C3301
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x250_NewsRight.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.115.39.7 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://adx.doublemax.net
date
Wed, 28 Apr 2021 02:18:09 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 9288 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq%26SID%3D31378%26Tags%3D3013%2C3014%2C3215%2C3325%2C3023%2C3024%2C3112%2C3029%2C3048%2C3305%2C3123%2C3114%2C3116%2C3117%2C3118%2C2089%2C2083%2C2329%2C2331%2C2332%2C2365%2C2370%2C2372%2C2374%2C2352%2C2608%2C2330%2C2900%2C2903%2C2922
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x250_NewsRight.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.115.39.7 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://adx.doublemax.net
date
Wed, 28 Apr 2021 02:18:09 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame D16C
Redirect Chain
  • https://agent.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
38 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e81e7d122d75e0486ccb69b6d44018119dd64ede682d1af8ff54a4211ee57c9

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6907
content-length
39313
cf-request-id
09b7de0f3a0000c29fc6a0e000000001
last-modified
Fri, 23 Apr 2021 08:06:21 GMT
server
cloudflare
etag
"60827ffd-9991"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BbWnBCGMunykzmS30e3x1BOrYYtgtPiqcG0odS4JZN4LgbQvXU9J7fTI1L0v7fn0MpObogushA0dIcvEzWxGdXaYrkYnbwmZKCxricK0hxdFLt%2FunA8dNXrmUXw%3D"}],"max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
646ccc5ece96c29f-FRA

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
i
ad.holmesmind.com/adserver/ Frame 2C50 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.holmesmind.com/adserver/i?ut=1619576287&p=10846:9281:24506:693de5234c58e1209c5aa9d5c1c62975:2256
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.71.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
content-type
image/png
server
nginx/1.14.0 (Ubuntu)
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0A9A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=www.moneydj.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:08 GMT
-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js
pagead2.googlesyndication.com/bg/ Frame 7391 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 23:29:18 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
355730
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5672
x-xss-protection
0
expires
Sat, 23 Apr 2022 23:29:18 GMT
events
bidder.criteo.com/csm/ Frame 72EC 		0
147 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://adx.doublemax.net
date
Wed, 28 Apr 2021 02:18:08 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 72EC 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x250_NewsRight.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 23 Apr 2022 02:18:08 GMT
pixel.gif
static.criteo.net/images/ Frame 72EC 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x250_NewsRight.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 23 Apr 2022 02:18:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 18FA 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.moneydj.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.moneydj.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 27 Apr 2021 23:30:56 GMT
expires
Wed, 27 Apr 2022 23:30:56 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10032
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activeview
pagead2.googlesyndication.com/pcs/ Frame 77A3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsJOce_ZQFucRv2Tt84_mlv75h9S25MvoktqlmtLe1uiFegU8yGiylEdAiBEItsQ-pQUzzE-Hhiz1PnX-8k43YwLotda1H_FoZMf3f1DA&sig=Cg0ArKJSzJEby5QWpR3bEAE&id=lidar2&mcvt=1002&p=743,992,993,1292&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210423&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1452853795&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1619576286541&dlt=0&rpt=99&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
google
m.holmesmind.com/ml/ Frame B504
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&log_type=view&DMP_SR=clickforce&info=10846:9281:24506:693de5234c58e1209c5aa9d5c1c62975:2256,undefined,undefined,undefined&targ...
  • https://m.holmesmind.com/ml/google?log_type=view&DMP_SR=clickforce&info=10846:9281:24506:693de5234c58e1209c5aa9d5c1c62975:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublema...
0
445 B 		Document
General
Check archive.org
Download Go to
Full URL
https://m.holmesmind.com/ml/google?log_type=view&DMP_SR=clickforce&info=10846:9281:24506:693de5234c58e1209c5aa9d5c1c62975:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200519%2Fturn%2Fcf-160x600_newslefttop.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=&ce=1&google_gid=CAESECHGGoIgTeJA3BNc77m1DFA&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/google_mapping_init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
m.holmesmind.com
:scheme
https
:path
/ml/google?log_type=view&DMP_SR=clickforce&info=10846:9281:24506:693de5234c58e1209c5aa9d5c1c62975:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200519%2Fturn%2Fcf-160x600_newslefttop.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=&ce=1&google_gid=CAESECHGGoIgTeJA3BNc77m1DFA&google_cver=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adx.doublemax.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
Vision=20210428-23:59,20210428-13,20210428-13,20210428-23:59; C=null; RK=null; P=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq; R=null; G=we3u7ZGJymKY5J47cKd8kQ==; d=/jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adx.doublemax.net/

Response headers

x-guploader-uploadid
ABg5-UyOJ8glIeancDQ17MUWqMrBeqMo69axRiQ6C9kF8GHDiaQsxplCrwS4Y8bPPTnc3it9uX6JIFkM3CS-V8AgKbvOJwgK3A
expires
Wed, 28 Apr 2021 03:18:09 GMT
date
Wed, 28 Apr 2021 02:18:09 GMT
cache-control
public, max-age=3600
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
0
content-type
image/png
x-goog-hash
crc32c=AAAAAA== md5=1B2M2Y8AsgTpgAmY7PhCfg==
x-goog-storage-class
REGIONAL
accept-ranges
bytes
content-length
0
server
UploadServer
alt-svc
clear

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://m.holmesmind.com/ml/google?log_type=view&DMP_SR=clickforce&info=10846:9281:24506:693de5234c58e1209c5aa9d5c1c62975:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200519%2Fturn%2Fcf-160x600_newslefttop.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=&ce=1&google_gid=CAESECHGGoIgTeJA3BNc77m1DFA&google_cver=1
date
Wed, 28 Apr 2021 02:18:08 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
663
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js
pagead2.googlesyndication.com/bg/ Frame 18FA 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 23:29:18 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
355730
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5672
x-xss-protection
0
expires
Sat, 23 Apr 2022 23:29:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F3BE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042201&jk=1032070054999490&bg=!HxylHFjNAAZLnZBaS507ACkAdvg8WpyiV08s4JtMuL4vglWNzmeEtDrS5QCjErLlFP2j61UOTuhyigIAAACVUgAAABdoAQeZAnWJVVXg6oU1POz_vO3aywOFztfVRxOVbTznO4cSab_iY3Ay-y1tCW0lbG6clRVaGlxvnIpI7NpO1KiqegIRx1XQmSq6aiRmGyqQ4rf0qFdQ97bB_q50niTxPAkTjZd6vFyLiFtmCcdKGmsQhFv9gy6scv8-iNjhbN9DRa-sUiGaWcP0YeyR_w9A24ev1xKOo2KCIxfMqw5Va5radV6XT1cveDtr19D18uumbtDqo0ILD9VWzYOulHYnRnfoSUby_eRZ76hjOFGFxwkvz6-ihUM_UGLwUOL5Hc_2vve6QC16yBeRWaEQGTh0ec2kAnR2bh6zwZPUM8jbzWU00ZK3xC6TcacSbbaJ_XvdODkTSWeX4FeT54KflTJ9DemgVlyUM2CAAOujEmhz1feluH1caKF0ExcBXgSXple0xpEqPWgtlxA6rmmqc04sSjtb4lLkA1v0bK2c6BPqCMZeK0F3ZpHX0D70pWctDrFyTcF1xEQ1mUwkQU9OBiM4coWp9FGpHJm9rvn1KIYJG6csps1t6FZUgs24Z0nM1noPRfXA0rJ4Xr-phFHP1KGm0_vyjE7E6jkfyAvQiIbEv52v4aJ5GT06gKLQE8M_yatYECtVkoZU8Di7MREeVmP3xwPb_vH0NgoFIWIufWF985ZAjMH2eIqBhVXqBHBsXgIys6lbRzDPJlH39uhpFVvMcmcPbbk-0RSoPE6toYJINjqMbTQXDWNh34-Flub8_spbZn5E_bb80UE8SonMDyNJmwU17lhCyzSQniJ7gGpAgeO4PyZ546jjgsmSx-PbyEMk_OkeozihdqjvgTA9h8PfVl4mbt31_ZEDVDt5Rw
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A9A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210426&jk=2857163765130310&bg=!CwilCEzNAAZLnZBaS507ACkAdvg8WvS0xvxLNQ6LnyyUgB1YWcSj9dLg1vI1VwP9NDYgSELxmw_wtwIAAAB6UgAAAA1oAQcKAASc0S2kmQIkjnmPhl1oRY2dTsl_aHa7iU5Ce-rMpxAqTQDZ8js1s_8i_e0c2RS07WHAPaESoxS4igFgJWG33zoV8l6NJFxVYin79FfDufQ6YEwELXmeipbEbjrS8HWAwEwubf9D0rrDj89iHTOcsUb3c1qGQkVHQAigVZOXVkSBhOIybmI5TjS-axOOesH4X2HawIRnDPj3ZorE43Z5-BLLtYZGpJfTIkhCnOpHovTHIUkl2v0PDw3k3N-XvDj9Zk-W-2TGwKjRXCVjU72W2ECH1Ml0irbzSl-dbKsW_IeNFUqlUrr7DkezMWTiK20O9bcmm7cwlnJWgxJMbfNtx8UU-jC_OnCbp-EoS2X1gCNZW55-W1FSvXKkg-Qa9tCz_uYD6b6uS6l4dRyS8NS-oinCmEMu4DMNSGbbj3c6dY9GcxlM89kHFErKbGOe9K18SsLK-BPUwlATR3DmLvSi5llWO8KE2ayMP1GM4aQdCwiq8_edAUhQ26MDogQsgBMLBdyS1BUD8MPVbQZr4oMgFfO3gH4FihR44DstEjaMMOZBppxOMmpR9X2wkDEInap8y6Ml4M3MuTLyTIoRrlcz2Uob86hgYPthDq4yFfGbjLfGWsQ4avB8iaNa6LxCoEFxLTN-4InpOqEwKv-eye2S_dg-fd7KMAp99B4vyxOPSegotWJzTQusP1cdcimsSHJdfQMl9uidRyMUQ7uiyPJQvQ8LrgzDFkD8qAqLKZg
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.moneydj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1.js
banner-cfnetwork.cdn.hinet.net/js/tmp2/ Frame 72EC 		768 B
590 B 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/tmp2/1.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.61.218.12 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
d5b31ebf4f096cec7354dd6d17ca3f2e0763c56ea0a25c642089fbd981cd0558

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
via
1.1 8c13747cfbdbd8f1bb0156074cd7a969.cloudfront.net (CloudFront)
last-modified
Wed, 06 Dec 2017 07:54:25 GMT
server
HiNetCDN/2104
age
23
etag
W/"124d2d33c6a8e65dc8edee4968d5ff15"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
x-amz-cf-pop
TPE51-C1
content-encoding
br
x-amz-cf-id
6nF4toOqnylQEWp1xmLYvT9gqhGzH8MYt33NFhhgSUqpWzamtlrcxg==
x-request-id
0bf91208b9f70549460fbefbda5006da
cht_cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 1BEA 		807 B
613 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678

Request headers

:method
GET
:authority
cdn.aralego.net
:scheme
https
:path
/ucfad/cookie/cht_cookieSyncIframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adx.doublemax.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adx.doublemax.net/

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
content-type
text/html
set-cookie
__cfduid=d92dda49c9a09ca7c89103e064cbf4ba21619576288; expires=Fri, 28-May-21 02:18:08 GMT; path=/; domain=.aralego.net; HttpOnly; SameSite=Lax
last-modified
Tue, 11 Aug 2020 08:15:02 GMT
access-control-allow-credentials
true
cache-control
max-age=14400
cf-cache-status
HIT
age
2053
cf-request-id
09b7de0e7a0000c29f9993b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MrUJmspr%2Beb3gsILNoRkFI9Dd1JxIUnzn4pwqEtRSVCXmstNZ5YNv3aW8xm%2Fx03z0zCikYLuNbSSqnoEGVv%2BPD4ieiDDqYJE9G%2BtgJAkVYrfGpm%2BSXwMYLJSDqQ%3D"}],"max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
646ccc5d9ddfc29f-FRA
content-encoding
br
1x1.png
cdn.aralego.net/img/ Frame E413
Redirect Chain
  • https://sync.aralego.com/idsync
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-5gvO80xE2oU0dfBeo59swZCxmzfDlXdRw6ESMvE-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=c7a7cd14-5e2b-4f66-9c9d-d73cb700982a
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-5gvO80xE2oU0dfBeo59swZCxmzfDlXdRw6ESMvE-~A&redirect=
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=f0d79a70-c676-377b-bbe4-4acc550a180c&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=ucfunnel&user_id=f0d79a70-c676-377b-bbe4-4acc550a180c&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=ucfunnel&bsw_param=247bc810-c3c6-4272-bc7d-dd03b9d598e9&google_hm=MjQ3YmM4MTAtYzNjNi00MjcyLWJjN2QtZGQwM2I5ZDU5OGU5
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEOCTVLhgNry1V0Od698TIpw&google_cver=1&ssp=ucfunnel&bsw_param=247bc810-c3c6-4272-bc7d-dd03b9d598e9
  • https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=247bc810-c3c6-4272-bc7d-dd03b9d598e9
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=ZjBkNzlhNzAtYzY3Ni0zNzdiLWJiZTQtNGFjYzU1MGExODBj&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png
  • https://cdn.aralego.net/img/1x1.png
68 B
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.aralego.net/img/1x1.png
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:12 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2499
content-length
68
cf-request-id
09b7de1ade0000c29fd420d000000001
last-modified
Wed, 12 Jun 2019 06:09:43 GMT
server
cloudflare
etag
"5d009727-44"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WSHHrYXT7It635s0mH2%2FpfbVquzHWfnWCTiXYodf3a5bQWt9DbOJZyFtiNtzRaJuZbsbUrngHAhSjGawR5gTCIuXL%2BI5FXDUrAkWASVw4vF9gTMx%2BXDYf3ENgLQ%3D"}],"max_age":604800}
content-type
image/png
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
646ccc716af0c29f-FRA

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cdn.aralego.net/img/1x1.png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
232
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 1BEA 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
2e25369eac94e1bfce438945d211dd3317b0aa6eb39a3eb94c2a6b34701a5c98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"855 / 353 of 1000 / last-modified: 1619561403"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21192
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:08 GMT
pubads_impl_2021042601.js
securepubads.g.doubleclick.net/gpt/ Frame 1BEA 		301 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060921
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
98190df3dbe81118cde191895dfbe06c5f0793670108bdeadd4df4d02d532542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 26 Apr 2021 08:39:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108658
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:08 GMT
integrator.js
adservice.google.ch/adsid/ Frame 1BEA 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060921
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1BEA 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060921
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1BEA 		330 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2497129470754393&correlator=2399447868713317&output=ldjh&impl=fifs&eid=31060790%2C31060854%2C31060921%2C31060396&vrg=2021042601&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cdm=cdn.aralego.net&bc=31&abxe=1&lmt=1597133702&dt=1619576289044&dlt=1619576288907&idt=118&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=64515409&ucis=2nmpssjr5r3u&ifi=1&ifk=923963767&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2Fcht_cookieSyncIframe.html&ref=https%3A%2F%2Fadx.doublemax.net%2F&top=https%3A%2F%2Fadx.doublemax.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=1633716313.1619576289&ga_sid=1619576289&ga_hid=1137593081&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060921
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
1ccfbddf7c631e79d1f4df3122b139238846fb92446405213d882d3a68a91c29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
15e2e1f16b5f2f84618a37cb96f8aaf0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1BEA 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://15e2e1f16b5f2f84618a37cb96f8aaf0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060921
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 1BEA 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060921
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
av
ad.holmesmind.com/adserver/ Frame 72EC 		0
152 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/av?p=10623:30258:85886:6abd800375960f84dffdfbec79aeae8e:6893&type=0
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.71.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame D16C 		975 B
532 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3070
cf-polished
origSize=1191
cf-request-id
09b7de0f590000c29ff70cb000000001
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MOGA4niW9ikSELAabkNakM1wVI7K4ijkNX%2BMpMbIo2YJwIRqoxklFFJmRRf3HKJhPWLiox8uuT9TyZWO9kju9S9qtwLF5iL0ZX2d7M055yJu5W9NJSoQgGDh1Ds%3D"}],"max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
646ccc5efedcc29f-FRA
cf-bgj
minify
idRequest
sync.aralego.com/ Frame D16C 		46 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Hyattsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
fa1b381fe26c30d1f677deab4833105d8b1cefab157c31c96cfe37c4f2c7262c

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://adx.doublemax.net
access-control-allow-credentials
true
connection
close
content-length
46
ad_request
ads.aralego.com/ Frame D16C 		535 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.doublemax.net&u=https%3A%2F%2F42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com%2F&xr=1&adid=ad-27336D94344972E919A4B79A96A2D36&w=160&h=600&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.6785508131307221&ao=https%3A%2F%2Fwww.moneydj.com
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6106f69094ce902b385e9336f20332ae2df888d53bbc3b1da6c3ab5bbb87d634

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:10 GMT
X-Width
160
X-Height
600
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://adx.doublemax.net
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-SspId
f0d79a70-c676-377b-bbe4-4acc550a180c
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
535
X-AdStyle
banner
X-Adtype
html
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1BEA 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060921
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54be76c562120111fedd1d782aadbfe6b272f366aca43c53947e572b5bcabfc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6935
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1BEA 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060921
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 5D84 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn.aralego.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn.aralego.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 27 Apr 2021 23:30:56 GMT
expires
Wed, 27 Apr 2022 23:30:56 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10033
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 7AC6 		783 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2017c38c7666321d4753e692db16ae2698267fd6f8fa82c25737901b5f394698
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fIDdcds87uPU+Es6MUCBiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn.aralego.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=214=N3mckQmAOgEd4zxrnKbrH1pt8Sfrzz2btAXU9cIsXzDzr6J6ywlZZIy_--Mo5ZzMojUU1jlAF0lCQOmNJnUtprW5eEKWygQ-0TfiIFTA3MpdqKgZCi1ss2TtikEZmWP6E0d31R8-yTJrhuCSD9ffVKTU_svPxPltDrs9N3huka4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn.aralego.net/

Response headers

expires
Wed, 28 Apr 2021 02:18:09 GMT
date
Wed, 28 Apr 2021 02:18:09 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-fIDdcds87uPU+Es6MUCBiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js
pagead2.googlesyndication.com/bg/ Frame 5D84 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 23:29:18 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
355731
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5672
x-xss-protection
0
expires
Sat, 23 Apr 2022 23:29:18 GMT
aae8902985f70aea661cf8023f85fcef.jpg
banner-cfnetwork.cdn.hinet.net/image/6893/ Frame 72EC 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner-cfnetwork.cdn.hinet.net/image/6893/aae8902985f70aea661cf8023f85fcef.jpg
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x250_NewsRight.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.61.218.12 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
d605b8016e96843b147169071b1b1442b000a65f71a0cd4b3a7164d4fc9dc282

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
via
1.1 17f21d76992484e023b97c9b94e008a6.cloudfront.net (CloudFront)
last-modified
Tue, 16 Mar 2021 11:01:37 GMT
server
HiNetCDN/2104
age
797
etag
"421a434546050531bdb55b4faa802c13"
x-cache
EXPIRED, HIT
content-type
image/jpeg
x-amz-cf-pop
TPE51-C1
accept-ranges
bytes
content-length
96959
x-amz-cf-id
7Da8ncdo-TUNXXr_A60EOhvdE3vO9-GrI8U4MwsZGpw5f2az911eVw==
x-request-id
19b6358e8390a269885d55e90ba9aa06
i
ad.holmesmind.com/adserver/ Frame 72EC 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.holmesmind.com/adserver/i?ut=1619576288&p=10623:30258:85886:6abd800375960f84dffdfbec79aeae8e:6893
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x250_NewsRight.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.71.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
content-type
image/png
server
nginx/1.14.0 (Ubuntu)
init.js
cdn.holmesmind.com/js/ Frame 0A70 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ba00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47cca155305638f12c5e191dc08aeb4253b62263fab7f3ac49bdc3002dc661e0

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:17:42 GMT
via
1.1 f358cf5f46d10c349187abd5e20e06cf.cloudfront.net (CloudFront)
last-modified
Tue, 16 Mar 2021 09:35:51 GMT
server
AmazonS3
age
80
etag
"fcc536473734c006770cfb309e523fb4"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
6507
x-amz-cf-id
AIaxk9i4zmZ13QWhc0aLSa3kthgnwqVuLPb2GJEIH8CdXuOi5D2lyA==
cm.php
fcm.holmesmind.com/ Frame 2507 		332 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

:method
GET
:authority
fcm.holmesmind.com
:scheme
https
:path
/cm.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adx.doublemax.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
Vision=20210428-23:59,20210428-13,20210428-13,20210428-23:59; C=null; RK=null; P=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq; R=null; G=we3u7ZGJymKY5J47cKd8kQ==; d=/jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adx.doublemax.net/

Response headers

content-type
text/html; charset=UTF-8
referrer-policy
no-referrer
content-length
332
date
Wed, 28 Apr 2021 02:18:18 GMT
alt-svc
clear
capmapping.htm
cdn.holmesmind.com/js/ Frame E7E8 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ba00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d923d819ca2ff5b300761f494357861e57fa2f1ce9a9e1597147196887452ee

Request headers

:method
GET
:authority
cdn.holmesmind.com
:scheme
https
:path
/js/capmapping.htm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adx.doublemax.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
Vision=20210428-23:59,20210428-13,20210428-13,20210428-23:59; C=null; RK=null; P=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq; R=null; G=we3u7ZGJymKY5J47cKd8kQ==; d=/jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adx.doublemax.net/

Response headers

content-type
text/html
content-length
6245
last-modified
Fri, 12 Mar 2021 02:32:17 GMT
accept-ranges
bytes
server
AmazonS3
date
Wed, 28 Apr 2021 02:18:03 GMT
etag
"eafbd15dcbf67ea2b8cfadd2d92f78f8"
x-cache
Hit from cloudfront
via
1.1 f358cf5f46d10c349187abd5e20e06cf.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
6jbt5bZwBBbBcvQ2L-Kt3hV3IyPO0aInIGdsyA4-8crkJlrurs_MIA==
age
10
edmp_init.js
banner-cfnetwork.cdn.hinet.net/js/ Frame 0A70 		662 B
628 B 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.61.218.12 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
via
1.1 4e7b30670ccb8a3f3101333ef882f9b0.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
HiNetCDN/2104
x-amz-cf-pop
TPE51-C1
etag
W/"f58f8a90686f8ffb3325107e8a788b71"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
content-encoding
br
x-amz-cf-id
uBiZJTJeyVSL6HU2XWG8F_oOUfJ7b0vzD2wB_kzRo67dqTQ_1b838w==
x-request-id
0a50f5dbee7cf1e424ca88e56eb89b63
google_mapping_init.js
cdn.holmesmind.com/js/ Frame 0A70 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/google_mapping_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ba00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0f9d12ccb4d71455e76a3f7a47dbf3874b4e96c54219d7c3756affcc40d770f

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:17:42 GMT
via
1.1 f358cf5f46d10c349187abd5e20e06cf.cloudfront.net (CloudFront)
last-modified
Mon, 15 Mar 2021 05:11:36 GMT
server
AmazonS3
age
79
etag
"ecc7750ee9369dfb2865df8de920fc09"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
5374
x-amz-cf-id
jgzANLzb5eqP_rtD-KW5nHMDL8-f5qCr6EGL0eZ9HukDmkt3GNZ1kg==
presetfn.js
cdn.holmesmind.com/js/ Frame 493A 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ba00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cfdedced9922001dd8f57a9f6895fc98c2a4f3be61657f85d5e02833e2ac3f88

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:17:42 GMT
via
1.1 f358cf5f46d10c349187abd5e20e06cf.cloudfront.net (CloudFront)
last-modified
Wed, 21 Apr 2021 05:36:32 GMT
server
AmazonS3
age
79
etag
"672091ca2d6fa2dabbc79e0cae663482"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
3929
x-amz-cf-id
sVrA-iYLz0Va5X0KqSAYv1VVfjriXZnbjBmD_cPjW4Fw2zlK59VO0Q==
cm
c.holmesmind.com/ Frame 0A70 		0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
clear
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame 3165
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&log_type=view&DMP_SR=clickforce&info=10623:30258:85886:6abd800375960f84dffdfbec79aeae8e:6893,undefined,undefined,undefined&tar...
  • https://m.holmesmind.com/ml/google?log_type=view&DMP_SR=clickforce&info=10623:30258:85886:6abd800375960f84dffdfbec79aeae8e:6893,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublem...
0
137 B 		Document
General
Check archive.org
Download Go to
Full URL
https://m.holmesmind.com/ml/google?log_type=view&DMP_SR=clickforce&info=10623:30258:85886:6abd800375960f84dffdfbec79aeae8e:6893,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2Fturn%2Fcf-300x250_newsright.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq&ce=1&google_gid=CAESECHGGoIgTeJA3BNc77m1DFA&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/google_mapping_init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
m.holmesmind.com
:scheme
https
:path
/ml/google?log_type=view&DMP_SR=clickforce&info=10623:30258:85886:6abd800375960f84dffdfbec79aeae8e:6893,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2Fturn%2Fcf-300x250_newsright.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq&ce=1&google_gid=CAESECHGGoIgTeJA3BNc77m1DFA&google_cver=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adx.doublemax.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
Vision=20210428-23:59,20210428-13,20210428-13,20210428-23:59; C=null; RK=null; P=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq; R=null; G=we3u7ZGJymKY5J47cKd8kQ==; d=/jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adx.doublemax.net/

Response headers

x-guploader-uploadid
ABg5-UzTSa47vTAr3QUxMyIPk6IbNU02M3-mVu0vLDILIxw_y4oLezRuAtHE344pe3GNA9MIQPEkZWNIBzLEmk43Nw
expires
Wed, 28 Apr 2021 03:18:09 GMT
date
Wed, 28 Apr 2021 02:18:09 GMT
cache-control
public, max-age=3600
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
0
content-type
image/png
x-goog-hash
crc32c=AAAAAA== md5=1B2M2Y8AsgTpgAmY7PhCfg==
x-goog-storage-class
REGIONAL
accept-ranges
bytes
content-length
0
server
UploadServer
alt-svc
clear

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://m.holmesmind.com/ml/google?log_type=view&DMP_SR=clickforce&info=10623:30258:85886:6abd800375960f84dffdfbec79aeae8e:6893,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2Fturn%2Fcf-300x250_newsright.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq&ce=1&google_gid=CAESECHGGoIgTeJA3BNc77m1DFA&google_cver=1
date
Wed, 28 Apr 2021 02:18:09 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
701
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cht_cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame F92D 		807 B
582 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678

Request headers

:method
GET
:authority
cdn.aralego.net
:scheme
https
:path
/ucfad/cookie/cht_cookieSyncIframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adx.doublemax.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adx.doublemax.net/

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
content-type
text/html
set-cookie
__cfduid=d9b004d5fa4898e25f10bf97ac6cf1a451619576289; expires=Fri, 28-May-21 02:18:09 GMT; path=/; domain=.aralego.net; HttpOnly; SameSite=Lax
last-modified
Tue, 11 Aug 2020 08:15:02 GMT
access-control-allow-credentials
true
cache-control
max-age=14400
cf-cache-status
HIT
age
2054
cf-request-id
09b7de10180000c29fd41c2000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Lf0leS7dIArMN88yeJRIT6z%2B8MFjw%2FSmpF0qk9wNXMlW95gI0C7mMu3l%2FXqjj2Gjiy0QfnxP2oMkXGts2GJtZ2ibkmyJ4rzXPveOvUems3ttVJVh1BKtXShQOtE%3D"}],"max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
646ccc602fe0c29f-FRA
content-encoding
br
sync
odr.mookie1.com/t/v2/ Frame D16C
Redirect Chain
  • https://sync.aralego.com/idsync
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-5gvO80xE2oU0dfBeo59swZCxmzfDlXdRw6ESMvE-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=c7a7cd14-5e2b-4f66-9c9d-d73cb700982a
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-opTIp19E2oUHCUcBAecfZX07zlzlXrwNkxeZcCg-~A&redirect=
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=f0d79a70-c676-377b-bbe4-4acc550a180c&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=247bc810-c3c6-4272-bc7d-dd03b9d598e9&ssp=ucfunnel&gdpr=0&gdpr_consent=
43 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=247bc810-c3c6-4272-bc7d-dd03b9d598e9&ssp=ucfunnel&gdpr=0&gdpr_consent=
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:11 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=247bc810-c3c6-4272-bc7d-dd03b9d598e9&ssp=ucfunnel&gdpr=0&gdpr_consent=
date
Wed, 28 Apr 2021 02:18:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Preset.js
adcdn.holmesmind.com/adserver/ Frame 493A 		697 B
698 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=10624
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a600:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d82926a9f2c0de90e54298a89105eca9647697c6b8283c8461db0e8b34d4e830

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:13:40 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
age
269
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://adx.doublemax.net
access-control-allow-credentials
true
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
13TEX7KZCWnJNbQXTa7AFanAO_fbGx67EieOyZ-1DVDAuh-aQhD94A==
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cm
c.holmesmind.com/ Frame E7E8 		0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
clear
content-type
text/html; charset=UTF-8
/
cm.lndata.com/ Frame E7E8 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:09 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Content-Type
image/gif
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cm
t.ssp.hinet.net/ Frame E7E8 		0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.ssp.hinet.net/cm?c=cf&ref=https%3A%2F%2Fcdn.holmesmind.com%2Fjs%2Fcapmapping.htm&cid=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.HINET-IP.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
cache-control
no-cache, private
server
nginx
strict-transport-security
max-age=0
content-type
image/png
ads.js
ad.holmesmind.com/adserver/ Frame 493A 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=10624&rf=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2FTurn%2FCF-300x600_NewsRightDown.html&n=671&o=1&d=1&b=2&ts=1&ii=2&FPCK=4689-m6CPWsamGReVHUUPgxTPbK09LpMwIHhZ
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.71.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
66db8fb6bf267d5b9ef0875af44fbc87a174715f28e065ab3e7a81e1930b720f

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://adx.doublemax.net
date
Wed, 28 Apr 2021 02:18:09 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
banner-cfnetwork.cdn.hinet.net/js/ Frame 493A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.61.218.12 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
via
1.1 361dd7903f81f9843925fcf6d0c05bbd.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
HiNetCDN/2104
x-amz-cf-pop
TPE50-C1
etag
W/"6a605eea47197fa280f27aaf1fa1521d"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
content-encoding
br
x-amz-cf-id
UQNiqPBWnRuQfDx3sr03lIOQesLTwTc_KRyCvZpR5VhXT1mbgIDLtA==
x-request-id
28c91ccefa1e673bf5b54f2aaa164d4d
publishertag.js
static.criteo.net/js/ld/ Frame 493A 		114 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:29 GMT
server
nginx
etag
W/"605322dd-1c9d1"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Apr 2021 02:18:09 GMT
criteoV2.js
banner-cfnetwork.cdn.hinet.net/js/ Frame 493A 		2 KB
958 B 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.61.218.12 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
via
1.1 8c13747cfbdbd8f1bb0156074cd7a969.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
HiNetCDN/2104
x-amz-cf-pop
TPE51-C1
etag
W/"e8f33fcb581483ced4a09b3c8e7550e4"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
content-encoding
br
x-amz-cf-id
rlBygXvBQz1HjKV-NsXIG5SvZU-iXfqLHN7c8hZR3dmQ4B43Ncp9kw==
x-request-id
cdfb9c0b0eedebf7af479c2d1752f46e
bridgewellV3.js
banner-cfnetwork.cdn.hinet.net/js/ Frame 493A 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.61.218.12 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
via
1.1 7570f485f03bad71f82f7f4b41147dca.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
HiNetCDN/2104
age
33
etag
W/"c3b948e5a48dd0ec20c265d6d8da7add"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
x-amz-cf-pop
TPE50-C1
content-encoding
br
x-amz-cf-id
fBVlmi_Lk4RyKAPJ-YafAvr9YuajbTUhDwf-cCshSWqu_bJFgQz9_Q==
x-request-id
8160eb0fc92ca5abadf1b409f9af073b
appierV2.js
banner-cfnetwork.cdn.hinet.net/js/ Frame 493A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.61.218.12 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
via
1.1 b1e98d6f23bf8312e5a34847053352cc.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
HiNetCDN/2104
age
34
etag
W/"548ed610a8571343fb3022f543174735"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
x-amz-cf-pop
TPE51-C1
content-encoding
br
x-amz-cf-id
V6DshkijstfzesKZiYE1BOrWSfu178pAdlqpDZX13PSY4PfN0hqF8w==
x-request-id
51b4aa02db4f0508fb8c2fe9429e8d8d
appier_mainV3.js
banner-cfnetwork.cdn.hinet.net/js/ Frame 493A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.61.218.12 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
f443a34f019986fc0949e5f4993c6f400337ba74f296ece6fc7e667fd411f92c

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
via
1.1 f6850e35751498c1e3b732475b1f4da5.cloudfront.net (CloudFront)
last-modified
Mon, 01 Feb 2021 03:25:47 GMT
server
HiNetCDN/2104
x-amz-cf-pop
TPE51-C1
etag
W/"2dd28f3fa27f42668b8859c537099414"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
content-encoding
br
x-amz-cf-id
2A3xzuJs74EwWVM8N6g7HujG47b-cy9t_6OXPuwnBb62WHoVxmp8jw==
x-request-id
74c190d1cf69b87eb1ead282b7f508a0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame F92D 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
72c07f7143a03da5c551e7f27b38e6283adde0977d9627c49b1ac862372b6eb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"855 / 516 of 1000 / last-modified: 1619561335"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21058
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:09 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1BEA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042601&jk=2497129470754393&bg=!bG-lbyvNAAZLnZBaS507ACkAdvg8WsdMf84NPVEbpYZInxMYfIZfWcV2Y7KrcetNL8n9BlFwGmTvLwIAAAB9UgAAAA5oAQcKABUatxgf8MYZF8OmuHkbTERAQxta4NaZAnKNeVpB07R0zkqqlXwmgQvDluPigYg-thhB9nUoOgGuyZ2Ogp4FeUh-j8YEUj-3pH0c-X0NNfna5LlghNQxDaMgS6e63rrEJfgu2f818sikyjFfF8EXZF3w8RJVZxc3Evvau-ULpfJnye4C7bva6_HoyVWfVe0DiyeGIIzHgTH3RJNbGPnIFx19nCVfPiDIc_4_EeAbj-MhOxc0x0dd5xi-WqcwvfXllm1rvM39P2FbezmpcbBm16neC9TSNtKrmWcy2JzxSNFQ4Z3GL96fsMqoarlv6Ad-Q96JcbBnhc-tm2puHxyh1sq1n_iYTamEqgDu0hf1ZkzSfUmA8AcRgXstRAdlV9AJH4AM9MtOaXDJwduxVch-SPnOzZahs2njPetVWRTa4qkU6CGQwkYCop2WXtB6b4S3hW-ez3dE6vTDXS5qDXMhOkGEpJG_1OWfjflOMUi2CwN2yOl1WpL1IpFrQbGYJKycIkuTsYE4FMeaMNGHtzrQCcrJ6CYDcd1fDXLma_E-UeseJMmLZyx_Xk9QcgBOhrPbHTLq0GFjv363mfInI6nhecUbc5zz1p8FR35ly1_EXIbGkhLDevrpVi3DbLURva1gWJw04-icCpEYgf7YbPtKgFEaIKWP2qni-76VlyQHpixcLQQHjAhduuzfKRTYusZ0h8Cd-R9DQyd_7F8EkROTozeWxK4jF-jGGQK_aFtNoIVj-wgJ4B0YvlX22HWNPw_m2BER__WjMKWeiBMQcUNpqjQycNB7YeYpI5X0DPeiCxiYspny2tgbvlpSRqpobGS4GF5gDwUlTv_-9t03rG4R32Lr1ZNo8Tbaogj6-g
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 4365 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.moneydj.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.moneydj.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adx.doublemax.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adx.doublemax.net/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
2029
date
Wed, 28 Apr 2021 02:18:08 GMT
content-length
0
pubads_impl_2021042201.js
securepubads.g.doubleclick.net/gpt/ Frame F92D 		301 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
f9f40e5aa6d80e385e5c15593748db7bfb50fd07cc45c8239a6fad053f63affe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 08:39:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108299
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:09 GMT
integrator.js
adservice.google.ch/adsid/ Frame F92D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F92D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F92D 		330 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1759835992439047&correlator=3070755259679045&output=ldjh&impl=fifs&eid=31060804%2C31060854%2C31060507&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cdm=cdn.aralego.net&bc=31&abxe=1&lmt=1597133702&dt=1619576289441&dlt=1619576289317&idt=116&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=64515409&ucis=wrmr0lrbu7xm&ifi=1&ifk=923963767&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=6&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2Fcht_cookieSyncIframe.html&ref=https%3A%2F%2Fadx.doublemax.net%2F&top=https%3A%2F%2Fadx.doublemax.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=487557653.1619576289&ga_sid=1619576289&ga_hid=1587292785&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
b48d3aa2c9595d9c107a6c453dfabddc4da44f64a884f37056c13b72f5737153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9fe089ac5a44ca1242abcdc8619b24b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F92D 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://9fe089ac5a44ca1242abcdc8619b24b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=6
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame F92D 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=6
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame F92D 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
faf25ece760e6b17bf1fb20c60bcc8b1db7adb95f9b65b6dd25ca6f31cbc5569
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7722
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F92D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 27AE 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn.aralego.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn.aralego.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 27 Apr 2021 23:30:56 GMT
expires
Wed, 27 Apr 2022 23:30:56 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10033
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js
pagead2.googlesyndication.com/bg/ Frame 27AE 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 23:29:18 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
355731
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5672
x-xss-protection
0
expires
Sat, 23 Apr 2022 23:29:18 GMT
rs
ad4m.at/ Frame F254 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9732c47aa3bdd0f00a394bbea03baf1fd15d6f36a4575e14f10937f1ef733f4a

Request headers

Referer
https://ad4m.at/ad/dr?ed=1j1ag38060dwzawvew6ac4mhscp3jkwrfrhrgsj3940d7w25xpyywg2sqh0bngwvbnppr3z3zzpy5f60n57sa40x2nd8k6h0wkmra0a4jsg3n1tmwg85q1jq5yszjprnqjgkc8w0dwhea2kxbaf0wgn9m6p8v50zqdzzjkf4s4rf3f8gqc7mhjjdx4m738xcx4m2twc1ndgw6n0brpgbrpa9dt0vfr21mm77a7cm7qw759ds733kjczqzv6y4w4741k8n7bswh13zgpjmd2w49fjm0rztsj3k6ztmy6kvvc7j89knym2wm263k08f7rd455s52d6rq1801exy4thqmxr9tx63hsf25bm6xhjc4dca91gpwegr4mfgbang&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCey1N3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8wFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInbYLrAKNEOsa6-Ddh4FlbXnifNp4U2ABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_1vqx_tTP2IoJ4ADA0ctjrJ2PpNeg%26client%3Dca-pub-7492323758213965%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
content-encoding
br
x-backend-server
rs-1tg8
cf-request-id
09b7de11490000d70dc281d000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wIauxIH8wBxwSy5v9I1PyPqbaSHnAeX%2BTwfzLjqR%2FCyJ56PhM%2FcnvtZ2UUQzD6GO2%2F%2BeJnr%2FOUsTmvhENYLX7t43SmCQrv9in7GgiwOAe42Tc%2Bo0"}]}
content-type
text/plain
access-control-allow-origin
https://ad4m.at
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
cf-ray
646ccc620fecd70d-FRA
drawV2.js
cdn.holmesmind.com/js/ Frame 493A 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=10624&rf=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2FTurn%2FCF-300x600_NewsRightDown.html&n=671&o=1&d=1&b=2&ts=1&ii=2&FPCK=4689-m6CPWsamGReVHUUPgxTPbK09LpMwIHhZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ba00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:17:43 GMT
via
1.1 f358cf5f46d10c349187abd5e20e06cf.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
age
46
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
10359
x-amz-cf-id
FmZ6xk9GfDo-REgOQ_DlaSFbgzvCUQODNInyUIhmO82eEN1R8QKjMQ==
rar
as.ad4m.at/ad/ Frame 714A 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=3fa5998ae4de7c61c518260323ce1b0b%2F6000615845873916454&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D207gdf203pwebbp0a6ay7sqq593w9k9qb80thzrg5t8shthfm84d4x4xk1edw8p9k3wa5ycs0vne9g6xm74fp9yvkjvb8gth8qbvtwctc6kyzsmkekehgy94v2ahbqspt328162j6905gykrq7j3w3czaxvb4gmxdafb65wtna579yqag5qa09x4jn2q6qfxd1mr1482g83jhx6zg7vwh2dk7z2yvcmy6qvbq5fxcf5cfptfv1h9r6hexsf8c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCey1N3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8wFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInbYLrAKNEOsa6-Ddh4FlbXnifNp4U2ABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1vqx_tTP2IoJ4ADA0ctjrJ2PpNeg%2526client%253Dca-pub-7492323758213965%2526adurl%253D&y=0&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc7e978e650c57c6e9a5c293cadbf86c99aaac1f9f1fdbe9f68f121f04c9ecaf
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=3fa5998ae4de7c61c518260323ce1b0b%2F6000615845873916454&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D207gdf203pwebbp0a6ay7sqq593w9k9qb80thzrg5t8shthfm84d4x4xk1edw8p9k3wa5ycs0vne9g6xm74fp9yvkjvb8gth8qbvtwctc6kyzsmkekehgy94v2ahbqspt328162j6905gykrq7j3w3czaxvb4gmxdafb65wtna579yqag5qa09x4jn2q6qfxd1mr1482g83jhx6zg7vwh2dk7z2yvcmy6qvbq5fxcf5cfptfv1h9r6hexsf8c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCey1N3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8wFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInbYLrAKNEOsa6-Ddh4FlbXnifNp4U2ABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1vqx_tTP2IoJ4ADA0ctjrJ2PpNeg%2526client%253Dca-pub-7492323758213965%2526adurl%253D&y=0&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:09 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=deff3bf7ff923c1fbc9782428deaff4b61619576289; expires=Fri, 28-May-21 02:18:09 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
09b7de11630000074285b98000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
646ccc623aff0742-FRA
content-encoding
br
gen_204
pagead2.googlesyndication.com/pagead/ Frame F92D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042201&jk=1759835992439047&bg=!hYalhsLNAAZLnZBaS507ACkAdvg8WgX2BL3ZUH5VzYyHPuruQ0Jy8hFs0aQb3A8eym2mS-e7sum1PAIAAACCUgAAAA5oAQeZAxzK8I9fZLGoezs8JrQ0fGcLhup_7dUhXIvaTK5W3qkvpOmO5H0jlTFPlLlL5kaoGS36x08rcPqQGK1DNbVFtRgsQ2ExrfOYAOWG60TUehRwEVGSa3o4o3YOBSX6JLJIkfOKRbLaeR1cSzH2axf1zaO816lRVWRiX1Gk_R5zq4BA6o1WjmZV9FN9nONpgusSDktQCzhM89JlSaLNh1Jug7JOzbuauOwmrTVfHMFw7t91jjLr7DXGME9imSiKSkehkay4e_wlGMiaWbQNjlLVOsAdnLV50PzU-EVeD0itL976FXfeo0NnZ_TnaEmFAx2_dVC8QG54t9f89zAfPaaaxYQQSVnc5iAew0DdMWCZvKhmFrdHMn-ZpIltT3nXhSbxpWaojOwy5CspwEjNuT2T_CZ9M0vBJOGow2zSySFjfxLq9gasVm1UNaMJsULsMCSYqkNdH5qfmfXJyOlOpiUAIkehpRy8miQisP9434vaxFhGwHP9Ej-8OKdj6ZIPwZP5NEqNZVjzDm5cXSIcJ9LGRTtJhRpjx09ijwKCl_FLj9HRq29wrR1AsBIU7atPMKWbsSfxTpTja8MYhBDpWShcgZpiuxzThyy2UzBV-4VFrivqmdj8OA1Ylm597PfnQutA7MUcNlINxyUSPBhq2QijmdHKyfbQBJgod34ZQZim3-5AXEr0vv_52SMQOc6dVuePr39gGloket06cVjMHch1toDxjw0q5YLgMjRr297OVq7fIheXwaADKCMORthjc7EC6LQFxpudADb0rKuE42Zw_D4g7OdLyBQmPBD0vZ-IG8tWD8g2zd5rIB78qaq286TkHyV6zcEiUkSgN_seEZV2v0_AoNcClX6lVUoy1tER-HA_IvSxn24j997SKPemxu1L_ONgn9e0M_W12ikFTKAWGngBBDeFLeTZ4FLFxdLH2Z09gNtXVJXrV0txo3fQL2rkvXRX5y7ZlnbFX3PGOk-eO0ApP5UBmF0B6tWmExsbbZ2qAlaPU-INx61FQegmuSN1xBtPHHn1NGSnR3Pd0VUHSSl4_bgYdopXyD_kzShV
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid.aspx
prebid.scupio.com/recweb/ Frame 493A 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.6168174045808881
Requested by
Host: banner-cfnetwork.cdn.hinet.net
URL: https://banner-cfnetwork.cdn.hinet.net/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.34 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f55c328c1980bda462ab2e5457fcf1d8a5a4d5a578f4eaf25ffcb326f99e7345

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Apr 2021 02:18:10 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://adx.doublemax.net
cache-control
private
access-control-allow-credentials
true
content-length
1196
bid
ad2.apx.appier.net/v1/prebid/ Frame 493A 		0
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 493A 		0
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 493A 		0
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 493A 		0
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: banner-cfnetwork.cdn.hinet.net
URL: https://banner-cfnetwork.cdn.hinet.net/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://adx.doublemax.net
date
Wed, 28 Apr 2021 02:18:10 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 493A 		0
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=106&profileId=184&cb=82937234144
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://adx.doublemax.net
date
Wed, 28 Apr 2021 02:18:09 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
2.js
banner-cfnetwork.cdn.hinet.net/js/tmp2/ Frame 493A 		866 B
604 B 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/tmp2/2.js
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.61.218.12 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
1460db1c4f8ed6ce0246518780239ed21a79d4274e1fd4dd50d9acb7c3bb2829

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:10 GMT
via
1.1 41d758bee13953e753f6df8ad516691e.cloudfront.net (CloudFront)
last-modified
Tue, 23 Mar 2021 08:12:41 GMT
server
HiNetCDN/2104
x-amz-cf-pop
TPE50-C1
etag
W/"5ce48a368c337a2bec8479256f06f4e2"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
content-encoding
br
x-amz-cf-id
nQ4LDgKcVRHYo3tBNddhzHsdTFRPwWG3kcptIiTUG7HefvrkGVvgWA==
x-request-id
6e355d1070a89fc29e88e14ba9accecb
av
ad.holmesmind.com/adserver/ Frame 493A 		0
152 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/av?p=10624:9280:24505:45e557095e43103c86a8afa9c26d864b:2256&type=0
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.71.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:10 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
events
bidder.criteo.com/csm/ Frame 493A 		0
147 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://adx.doublemax.net
date
Wed, 28 Apr 2021 02:18:09 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 493A 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:10 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 23 Apr 2022 02:18:10 GMT
pixel.gif
static.criteo.net/images/ Frame 493A 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:10 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 23 Apr 2022 02:18:10 GMT
default.css
as.ad4m.at/ad/style/0.1.4/one-ad/ Frame 714A 		58 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.4/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=3fa5998ae4de7c61c518260323ce1b0b%2F6000615845873916454&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D207gdf203pwebbp0a6ay7sqq593w9k9qb80thzrg5t8shthfm84d4x4xk1edw8p9k3wa5ycs0vne9g6xm74fp9yvkjvb8gth8qbvtwctc6kyzsmkekehgy94v2ahbqspt328162j6905gykrq7j3w3czaxvb4gmxdafb65wtna579yqag5qa09x4jn2q6qfxd1mr1482g83jhx6zg7vwh2dk7z2yvcmy6qvbq5fxcf5cfptfv1h9r6hexsf8c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCey1N3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8wFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInbYLrAKNEOsa6-Ddh4FlbXnifNp4U2ABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1vqx_tTP2IoJ4ADA0ctjrJ2PpNeg%2526client%253Dca-pub-7492323758213965%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea3d0687c8ec9ae8abfef997cfefcf86b646f753120de737c1914653b729ecc2
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=3fa5998ae4de7c61c518260323ce1b0b%2F6000615845873916454&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D207gdf203pwebbp0a6ay7sqq593w9k9qb80thzrg5t8shthfm84d4x4xk1edw8p9k3wa5ycs0vne9g6xm74fp9yvkjvb8gth8qbvtwctc6kyzsmkekehgy94v2ahbqspt328162j6905gykrq7j3w3czaxvb4gmxdafb65wtna579yqag5qa09x4jn2q6qfxd1mr1482g83jhx6zg7vwh2dk7z2yvcmy6qvbq5fxcf5cfptfv1h9r6hexsf8c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCey1N3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8wFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInbYLrAKNEOsa6-Ddh4FlbXnifNp4U2ABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1vqx_tTP2IoJ4ADA0ctjrJ2PpNeg%2526client%253Dca-pub-7492323758213965%2526adurl%253D&y=0&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:10 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
642843
cf-polished
origSize=59219
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-request-id
09b7de14cb0000d70dd903d000000001
cf-ray
646ccc67ab0dd70d-FRA
expires
Wed, 28 Apr 2021 03:18:10 GMT
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 714A 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=3fa5998ae4de7c61c518260323ce1b0b%2F6000615845873916454&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D207gdf203pwebbp0a6ay7sqq593w9k9qb80thzrg5t8shthfm84d4x4xk1edw8p9k3wa5ycs0vne9g6xm74fp9yvkjvb8gth8qbvtwctc6kyzsmkekehgy94v2ahbqspt328162j6905gykrq7j3w3czaxvb4gmxdafb65wtna579yqag5qa09x4jn2q6qfxd1mr1482g83jhx6zg7vwh2dk7z2yvcmy6qvbq5fxcf5cfptfv1h9r6hexsf8c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCey1N3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8wFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInbYLrAKNEOsa6-Ddh4FlbXnifNp4U2ABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1vqx_tTP2IoJ4ADA0ctjrJ2PpNeg%2526client%253Dca-pub-7492323758213965%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date
Wed, 28 Apr 2021 02:18:10 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
461767
cf-polished
origFmt=png, origSize=35453
x-guploader-uploadid
ABg5-UwDAsWiOgQ-rMdf3DKuLh6smH4tNGsDYeR2CbxIRGDZ67pXdwJ4mwJX3Y8dDq7C4qOo15vwRgJFcz8hVbkr9W7zCs0Hug
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18872
cf-request-id
09b7de14ca0000074252b8f000000001
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=duo3NELYlMUYrE1lCB25eC6ZnC0bKzn%2FRSMLEYYEggYBOVr3XXaNMz%2BmrHIj%2Fl6o0xGOUi7yVU4EFmv8HbFKm6DLWP9zvMZgDspA5%2Fl766AS9kqkijr55iYBHA%3D%3D"}],"max_age":604800}
x-goog-generation
1589805029334103
content-type
image/webp
expires
Thu, 29 Apr 2021 02:18:10 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35453
accept-ranges
bytes
cf-ray
646ccc67a8ad0742-FRA
cf-bgj
imgq:85,h2pri
A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 714A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=3fa5998ae4de7c61c518260323ce1b0b%2F6000615845873916454&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D207gdf203pwebbp0a6ay7sqq593w9k9qb80thzrg5t8shthfm84d4x4xk1edw8p9k3wa5ycs0vne9g6xm74fp9yvkjvb8gth8qbvtwctc6kyzsmkekehgy94v2ahbqspt328162j6905gykrq7j3w3czaxvb4gmxdafb65wtna579yqag5qa09x4jn2q6qfxd1mr1482g83jhx6zg7vwh2dk7z2yvcmy6qvbq5fxcf5cfptfv1h9r6hexsf8c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCey1N3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8wFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInbYLrAKNEOsa6-Ddh4FlbXnifNp4U2ABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1vqx_tTP2IoJ4ADA0ctjrJ2PpNeg%2526client%253Dca-pub-7492323758213965%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date
Wed, 28 Apr 2021 02:18:10 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
412214
cf-polished
origFmt=png, origSize=4031
x-guploader-uploadid
ABg5-Ux7RgqsVbRk27MRBiecINjK2VLQTSQsm2Gc2qtYnzBslX7whGsDbltfOxxe4rEjEUQt5oDljno5RQjOREk0AqU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1598
cf-request-id
09b7de14ca000007422e9b7000000001
last-modified
Wed, 20 Jan 2021 17:03:56 GMT
server
cloudflare
etag
"7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LZ2%2B1SdKWJcwFB8I%2BeDci9%2FnJ7CzxC6ooxFOjpRnp6wpLNHfgW2eumyC9Sj6q39wJcv6bHptgRTTlbM7SN5GG4Mb0ZVEEjjIYn7eBbZN9dLVzdKla870HaGKNg%3D%3D"}],"max_age":604800}
x-goog-generation
1611162235947637
content-type
image/webp
expires
Thu, 29 Apr 2021 02:18:10 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
4031
accept-ranges
bytes
cf-ray
646ccc67a8ae0742-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 714A 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=3fa5998ae4de7c61c518260323ce1b0b%2F6000615845873916454&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D207gdf203pwebbp0a6ay7sqq593w9k9qb80thzrg5t8shthfm84d4x4xk1edw8p9k3wa5ycs0vne9g6xm74fp9yvkjvb8gth8qbvtwctc6kyzsmkekehgy94v2ahbqspt328162j6905gykrq7j3w3czaxvb4gmxdafb65wtna579yqag5qa09x4jn2q6qfxd1mr1482g83jhx6zg7vwh2dk7z2yvcmy6qvbq5fxcf5cfptfv1h9r6hexsf8c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCey1N3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8wFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInbYLrAKNEOsa6-Ddh4FlbXnifNp4U2ABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1vqx_tTP2IoJ4ADA0ctjrJ2PpNeg%2526client%253Dca-pub-7492323758213965%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:18:10 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 714A 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=3fa5998ae4de7c61c518260323ce1b0b%2F6000615845873916454&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D207gdf203pwebbp0a6ay7sqq593w9k9qb80thzrg5t8shthfm84d4x4xk1edw8p9k3wa5ycs0vne9g6xm74fp9yvkjvb8gth8qbvtwctc6kyzsmkekehgy94v2ahbqspt328162j6905gykrq7j3w3czaxvb4gmxdafb65wtna579yqag5qa09x4jn2q6qfxd1mr1482g83jhx6zg7vwh2dk7z2yvcmy6qvbq5fxcf5cfptfv1h9r6hexsf8c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCey1N3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8wFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInbYLrAKNEOsa6-Ddh4FlbXnifNp4U2ABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1vqx_tTP2IoJ4ADA0ctjrJ2PpNeg%2526client%253Dca-pub-7492323758213965%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date
Wed, 28 Apr 2021 02:18:10 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
460702
cf-polished
origFmt=png, origSize=44613
x-guploader-uploadid
ABg5-Ux7gSwtQ3wvhQoPA8-c_LOt64KZN2Jje6eIp9uwuTgc71GUlfOBBoLk8zOXg5b1K4ewwVm2M0N9EpbrXCulG_IjbqOPVA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39202
cf-request-id
09b7de14ca00000742681d3000000001
last-modified
Wed, 22 Jan 2020 13:11:41 GMT
server
cloudflare
etag
"c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r%2Bzxbq5G0UucxHgrm7PldeA4r1%2FjYeuEhPy1gLKjYhx9yeDNy4Tg9ZBG0%2F25HBkA%2BReXFCzVdd89y2I9JUk1IrYovOhdoDN49%2FY%2FrwKoPhbcHHkrXby%2FuytuMQ%3D%3D"}],"max_age":604800}
x-goog-generation
1579698701189315
content-type
image/webp
expires
Thu, 29 Apr 2021 02:18:10 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
44613
accept-ranges
bytes
cf-ray
646ccc67a8af0742-FRA
cf-bgj
imgq:85,h2pri
69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 714A 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=3fa5998ae4de7c61c518260323ce1b0b%2F6000615845873916454&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D207gdf203pwebbp0a6ay7sqq593w9k9qb80thzrg5t8shthfm84d4x4xk1edw8p9k3wa5ycs0vne9g6xm74fp9yvkjvb8gth8qbvtwctc6kyzsmkekehgy94v2ahbqspt328162j6905gykrq7j3w3czaxvb4gmxdafb65wtna579yqag5qa09x4jn2q6qfxd1mr1482g83jhx6zg7vwh2dk7z2yvcmy6qvbq5fxcf5cfptfv1h9r6hexsf8c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCey1N3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8wFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInbYLrAKNEOsa6-Ddh4FlbXnifNp4U2ABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1vqx_tTP2IoJ4ADA0ctjrJ2PpNeg%2526client%253Dca-pub-7492323758213965%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date
Wed, 28 Apr 2021 02:18:10 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
412015
cf-polished
origFmt=png, origSize=136328
x-guploader-uploadid
ABg5-UxlJ0Zw2gfcJi9DtvvT8nwBXuqyCM0cxwmyRUd_5bNbBX6sVkGPju3OoSeipdGwxST92NcXepZxHhFSpLFvqg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
115268
cf-request-id
09b7de14cb000007424eac1000000001
last-modified
Tue, 29 Oct 2019 09:42:57 GMT
server
cloudflare
etag
"0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ickHoeIvkf2xSZq5DBUQBblNiwjlg5A%2BPuq8%2BtJxWVBUwnmf%2B1byhMmnkXN93An39C%2BqLqKNmDSI0A2MW4pzgsI5P%2FEUFCNr6vq9eHQ5d%2BMYIuINbhka7zwppQ%3D%3D"}],"max_age":604800}
x-goog-generation
1572342177666668
content-type
image/webp
expires
Thu, 29 Apr 2021 02:18:10 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136328
accept-ranges
bytes
cf-ray
646ccc67a8b00742-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 714A 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=3fa5998ae4de7c61c518260323ce1b0b%2F6000615845873916454&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D207gdf203pwebbp0a6ay7sqq593w9k9qb80thzrg5t8shthfm84d4x4xk1edw8p9k3wa5ycs0vne9g6xm74fp9yvkjvb8gth8qbvtwctc6kyzsmkekehgy94v2ahbqspt328162j6905gykrq7j3w3czaxvb4gmxdafb65wtna579yqag5qa09x4jn2q6qfxd1mr1482g83jhx6zg7vwh2dk7z2yvcmy6qvbq5fxcf5cfptfv1h9r6hexsf8c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCey1N3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8wFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInbYLrAKNEOsa6-Ddh4FlbXnifNp4U2ABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1vqx_tTP2IoJ4ADA0ctjrJ2PpNeg%2526client%253Dca-pub-7492323758213965%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:18:10 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 714A 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=3fa5998ae4de7c61c518260323ce1b0b%2F6000615845873916454&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D207gdf203pwebbp0a6ay7sqq593w9k9qb80thzrg5t8shthfm84d4x4xk1edw8p9k3wa5ycs0vne9g6xm74fp9yvkjvb8gth8qbvtwctc6kyzsmkekehgy94v2ahbqspt328162j6905gykrq7j3w3czaxvb4gmxdafb65wtna579yqag5qa09x4jn2q6qfxd1mr1482g83jhx6zg7vwh2dk7z2yvcmy6qvbq5fxcf5cfptfv1h9r6hexsf8c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCey1N3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8wFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInbYLrAKNEOsa6-Ddh4FlbXnifNp4U2ABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1vqx_tTP2IoJ4ADA0ctjrJ2PpNeg%2526client%253Dca-pub-7492323758213965%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Wed, 28 Apr 2021 02:18:10 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
411954
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ABg5-UzoVAfxQFgz6L9HcmHPW2e7eCBHNd0a2b8Kvrug8-8oPgzdAE-ChRdy7eBzZNRyXD7MxjB9gF3gK83zeR6hUB0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
cf-request-id
09b7de14cb000007425c242000000001
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xg4I%2FkuTm10bRZCbeYvvrKFmK2P7HKB3p6APZdOfmq195MGIf%2B956TE6eJ1DuehsshFvdWYo%2BhagBRyTqbA67KTwb0mxq89ImzJ0DbLh8dIn4XX4uXfgAucfQA%3D%3D"}],"max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Thu, 29 Apr 2021 02:18:10 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
646ccc67a8b20742-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 714A 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=3fa5998ae4de7c61c518260323ce1b0b%2F6000615845873916454&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D207gdf203pwebbp0a6ay7sqq593w9k9qb80thzrg5t8shthfm84d4x4xk1edw8p9k3wa5ycs0vne9g6xm74fp9yvkjvb8gth8qbvtwctc6kyzsmkekehgy94v2ahbqspt328162j6905gykrq7j3w3czaxvb4gmxdafb65wtna579yqag5qa09x4jn2q6qfxd1mr1482g83jhx6zg7vwh2dk7z2yvcmy6qvbq5fxcf5cfptfv1h9r6hexsf8c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCey1N3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8wFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInbYLrAKNEOsa6-Ddh4FlbXnifNp4U2ABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1vqx_tTP2IoJ4ADA0ctjrJ2PpNeg%2526client%253Dca-pub-7492323758213965%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Wed, 28 Apr 2021 02:18:10 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
451244
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85604
cf-request-id
09b7de14cb0000074259134000000001
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tHXo78%2FuE8%2BZr2do6wQaPoEHsM6U6UOSMkYxwqSzFIdxwSDVEAyJ3xQvv1ZzdPPg6UwUEBONsjtNersbfttsswTXuSPPrZn6Qs5GmH21c6eBz51kGDmk1UFKkQ%3D%3D"}],"max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Thu, 29 Apr 2021 02:18:10 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
646ccc67a8b30742-FRA
cf-bgj
imgq:85,h2pri
link.html
track.webgains.com/ Frame 714A 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=3fa5998ae4de7c61c518260323ce1b0b%2F6000615845873916454&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D207gdf203pwebbp0a6ay7sqq593w9k9qb80thzrg5t8shthfm84d4x4xk1edw8p9k3wa5ycs0vne9g6xm74fp9yvkjvb8gth8qbvtwctc6kyzsmkekehgy94v2ahbqspt328162j6905gykrq7j3w3czaxvb4gmxdafb65wtna579yqag5qa09x4jn2q6qfxd1mr1482g83jhx6zg7vwh2dk7z2yvcmy6qvbq5fxcf5cfptfv1h9r6hexsf8c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCey1N3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8wFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInbYLrAKNEOsa6-Ddh4FlbXnifNp4U2ABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1vqx_tTP2IoJ4ADA0ctjrJ2PpNeg%2526client%253Dca-pub-7492323758213965%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
caef877538e4bd2af9e3a7c2f85b6008d9982bebb9c08908e7b1ee36a847e471

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:18:10 GMT
Last-Modified
Wed, 28 Apr 2021 02:18:10 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 4FBC 		133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76f4a23d06a4eb1629942669ac3e1b864baf7a756fe52b25fd6ccc243448cb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48376
x-xss-protection
0
server
cafe
etag
7770477186257580779
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 28 Apr 2021 02:18:10 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame 6F65
Redirect Chain
  • https://agent.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
38 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e81e7d122d75e0486ccb69b6d44018119dd64ede682d1af8ff54a4211ee57c9

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:10 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6908
content-length
39313
cf-request-id
09b7de16890000c29f39b5b000000001
last-modified
Fri, 23 Apr 2021 08:06:21 GMT
server
cloudflare
etag
"60827ffd-9991"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=65y7YG84b2z%2FA4rszrvrfUcnj1RccH0l3Ewem0EXtnONbOLrUXMbI8IQjp%2B43vd2Uiwcj3up46sqBAOXagw8DhibA9Q5zhYKTmts7vp8Rwxe1uCooY191zeY058%3D"}],"max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
646ccc6a7e8bc29f-FRA

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
i
ad.holmesmind.com/adserver/ Frame 493A 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.holmesmind.com/adserver/i?ut=1619576289&p=10624:9280:24505:45e557095e43103c86a8afa9c26d864b:2256
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.71.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:10 GMT
content-type
image/png
server
nginx/1.14.0 (Ubuntu)
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/ Frame 4FBC 		223 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4126554779393986&plah=adx.doublemax.net&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e5d13a315184e4cc69d5c495682f8e5539478b0f7331165dc63e9aa4f224add0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84531
x-xss-protection
0
server
cafe
etag
5298758904806933499
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 28 Apr 2021 02:18:10 GMT
integrator.js
adservice.google.de/adsid/ Frame 4FBC 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=adx.doublemax.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4126554779393986&plah=adx.doublemax.net&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4FBC 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.doublemax.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4126554779393986&plah=adx.doublemax.net&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B26F 		405 B
398 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=7340821670&adk=3457804429&adf=2947443278&pi=t.ma~as.7340821670&w=160&psa=0&format=160x600&url=https%3A%2F%2Fwww.moneydj.com&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576290579&bpp=5&bdt=1466&idt=63&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&correlator=5953846217364&frm=8&ife=1&pv=2&ga_vid=1980705266.1619576291&ga_sid=1619576291&ga_hid=1612520566&ga_fc=0&nhd=6&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=629493085&scr_x=-12245933&scr_y=-12245933&eid=42530672&oid=3&pvsid=3126043947545849&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5nrjqt72ydtr&fsb=1&dtd=81
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4126554779393986&plah=adx.doublemax.net&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9847c41079ae78cba7c182c5989eca1729caa7bbf532df4ceba48bfb14a567b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=7340821670&adk=3457804429&adf=2947443278&pi=t.ma~as.7340821670&w=160&psa=0&format=160x600&url=https%3A%2F%2Fwww.moneydj.com&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576290579&bpp=5&bdt=1466&idt=63&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&correlator=5953846217364&frm=8&ife=1&pv=2&ga_vid=1980705266.1619576291&ga_sid=1619576291&ga_hid=1612520566&ga_fc=0&nhd=6&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=629493085&scr_x=-12245933&scr_y=-12245933&eid=42530672&oid=3&pvsid=3126043947545849&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5nrjqt72ydtr&fsb=1&dtd=81
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adx.doublemax.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adx.doublemax.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 28 Apr 2021 02:18:10 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 28-Apr-2021 02:33:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 28 Apr 2021 02:18:10 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4FBC 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210426&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4126554779393986&plah=adx.doublemax.net&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ecf5a30cc5942b5bdeb93b211ad172180e824382c169300864e3f024d5d73f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7004
x-xss-protection
0
osd.js
www.googletagservices.com/activeview/js/current/ Frame 4FBC 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4126554779393986&plah=adx.doublemax.net&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188783439141"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28201
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:10 GMT
google
m.holmesmind.com/ml/ Frame 3D81
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&log_type=view&DMP_SR=clickforce&info=10624:9280:24505:45e557095e43103c86a8afa9c26d864b:2256,undefined,undefined,undefined&targ...
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&log_type=view&DMP_SR=clickforce&info=10624:9280:24505:45e557095e43103c86a8afa9c26d864b:2256,undefined,undefined,undefined&tar...
  • https://m.holmesmind.com/ml/google?log_type=view&DMP_SR=clickforce&info=10624:9280:24505:45e557095e43103c86a8afa9c26d864b:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublema...
0
158 B 		Document
General
Check archive.org
Download Go to
Full URL
https://m.holmesmind.com/ml/google?log_type=view&DMP_SR=clickforce&info=10624:9280:24505:45e557095e43103c86a8afa9c26d864b:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2Fturn%2Fcf-300x600_newsrightdown.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq&ce=1&google_gid=CAESEE0EJF80gGJ1TWSRfYWIvy0&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/google_mapping_init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
m.holmesmind.com
:scheme
https
:path
/ml/google?log_type=view&DMP_SR=clickforce&info=10624:9280:24505:45e557095e43103c86a8afa9c26d864b:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2Fturn%2Fcf-300x600_newsrightdown.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq&ce=1&google_gid=CAESEE0EJF80gGJ1TWSRfYWIvy0&google_cver=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adx.doublemax.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adx.doublemax.net/

Response headers

x-guploader-uploadid
ABg5-UwlYMP9XiWb6zNy7HAcRlr1LfyHqLeOKH1f2ePRljVVVNaqxEtpdM1YMLhcOtCdpxJwBw_FcbyhhxAltT-tP-E
expires
Wed, 28 Apr 2021 03:18:11 GMT
date
Wed, 28 Apr 2021 02:18:11 GMT
cache-control
public, max-age=3600
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
0
content-type
image/png
x-goog-hash
crc32c=AAAAAA== md5=1B2M2Y8AsgTpgAmY7PhCfg==
x-goog-storage-class
REGIONAL
accept-ranges
bytes
content-length
0
server
UploadServer
alt-svc
clear

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://m.holmesmind.com/ml/google?log_type=view&DMP_SR=clickforce&info=10624:9280:24505:45e557095e43103c86a8afa9c26d864b:2256,undefined,undefined,undefined&target=ad&url=https%3A%2F%2Fadx.doublemax.net%2Fimage%2Fcreative%2F20200320%2Fturn%2Fcf-300x600_newsrightdown.html&refer_url=&platform=PC&os=Windows&browser=Chrome&adSrTag=&subDomain=image-&cf_uid=332816-cYC0StIrvt9RWsNvDN1erpvx5JB6Dhhq&ce=1&google_gid=CAESEE0EJF80gGJ1TWSRfYWIvy0&google_cver=1
date
Wed, 28 Apr 2021 02:18:10 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
704
x-xss-protection
0
set-cookie
IDE=AHWqTUnGhb1-tRnnQLhvveJfufePMhz4H3nfIg7mlONdpvz_J2_lu-Js9PrFyXSFRQ0; expires=Fri, 28-Apr-2023 02:18:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4FBC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4126554779393986&plah=adx.doublemax.net&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:10 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 3907 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adx.doublemax.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adx.doublemax.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 27 Apr 2021 23:30:56 GMT
expires
Wed, 27 Apr 2022 23:30:56 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10034
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js
pagead2.googlesyndication.com/bg/ Frame 3907 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 23:29:18 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
355732
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5672
x-xss-protection
0
expires
Sat, 23 Apr 2022 23:29:18 GMT
pvClk.min.js
analytics.webgains.io/ Frame 714A 		60 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-22.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 16:12:30 GMT
via
1.1 bba411d0a1e93905fdec1b327205fbe0.cloudfront.net (CloudFront)
last-modified
Thu, 22 Apr 2021 14:01:05 GMT
server
AmazonS3
age
36342
etag
"4f1db9fdf90b4f2a5576501528dc54bc"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
content-length
61124
x-amz-cf-id
4Xajn5qsuBVp1AdAnkmV3UihOzE6P5PmdUhm1iHE3HBQZ3mJb6Oy-w==
hit
diapi.webgains.com/2.0/ Frame 714A 		79 B
374 B 		Script
General
Check archive.org
Download Go to
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=.8a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TldF9vFxOOQ_i.uJtHoqvynx9MsFyxYM914Ve_clr91y.25.ea.b9ub9WJMSsMtTfwgEl7pp0iJ3A0KFgBFY5BNlr91xU..Bsk&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221619576290%22%2C%22%22%2C%22%22%2C%22%22%2C%221775096290%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=ae4c47c68877487d63de8021b4f3a7d6&userIP=195.242.213.110&doAffectv=1&wgtime=1619576290
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.29.72.47 Leeds, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
81-29-72-47.servers.dedipower.net
Software
Apache /
Resource Hash
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 28 Apr 2021 02:18:11 GMT
Server
Apache
Connection
close
Content-Length
79
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame 714A 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidpA9u1fgfj9WfkH4HmtztQ7Yhbt7tERDoneid__webplexmedia_advancedad_Desktop_160x600&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=3fa5998ae4de7c61c518260323ce1b0b%2F6000615845873916454&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D207gdf203pwebbp0a6ay7sqq593w9k9qb80thzrg5t8shthfm84d4x4xk1edw8p9k3wa5ycs0vne9g6xm74fp9yvkjvb8gth8qbvtwctc6kyzsmkekehgy94v2ahbqspt328162j6905gykrq7j3w3czaxvb4gmxdafb65wtna579yqag5qa09x4jn2q6qfxd1mr1482g83jhx6zg7vwh2dk7z2yvcmy6qvbq5fxcf5cfptfv1h9r6hexsf8c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCey1N3sWIYJ-3K8aKrATTu4uQD5DhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTc0OTIzMjM3NTgyMTM5NjWgAcKu6N0DyAEJqQJW5zuMzUi0PqgDAaoE8wFP0BX8RxGcM6LDhq301VZCqXQAEhPMcy0Fg57kWoxhGpaAg2p0D3Zf2guXWs7dZu0ADr0lGX9qP4Zh2Tp7_6fIp1cGIXVxeQ8U8Rd9Qj8OEl5l5INgIyM79hNVRHylrGBfi_1M2WZBTQg3Dyxyvm0rO1wlSwhKFuYrkaR-vxqpXvdTjvDc09LyJ3IS-0PCiY5GuKIPKKFzsUwkcuVKFu6Lu3d4wEoiI-A43ZoSp2sQMljsdYoo7_9U_Q9DR5Bxh8br2N0jF1WaNXundyZvun8v5vyv5lJAqO8__zWqInbYLrAKNEOsa6-Ddh4FlbXnifNp4U2ABu3Blr_W56ufxAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1vqx_tTP2IoJ4ADA0ctjrJ2PpNeg%2526client%253Dca-pub-7492323758213965%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:18:10 GMT
Last-Modified
Wed, 28 Apr 2021 02:18:10 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4FBC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210426&jk=3126043947545849&bg=!x8SlxIDNAAZLnZBaS507ACkAdvg8WkSsKGGFCbHz-daXJhfy_CIdd6FSL5uSdHWnPAxaDR7F2SLRHQIAAABjUgAAACNoAQcKAKEIiwJxH72MRSfWVu_F507OjtEtxMxXHYUCNRijOI25RA-uqj4gxyGc-S_7X2AcX3f9-h1RgnWk75ucjPfkN44HiGVxUt2dy3zi2ovSUMSS3WyXS-fglDvPFXfwzwvDQ-vLgkdMWVJc36fDShRNTcuzH1p0e7d_I5KEI_pzWg4Cca2XsE2u5-sQjPqNmobcAHf-p5rI29vKizP-DkFWMAp2_JkC8utq8fKHnUZMZlv_BDA6lr4BrxQTbhJKL9UV1xtErkWlBzKuCdLqalkIDm7IDxS0tNy6fhy9Do0hUp6G-Lgp-HzQJDE_S7WllwAN8R3hqTipfd9PWGyPwfrNbktzF2ABQoCMo6w8LQZLIDyF8vgD4thyBuMW7giYT9SzvE7-Ftq6z_xAQKNCc2Jn6WsrLKJIDBGnYqYZlXRuqWM41z-HP3MS9FWaGWBC8Y_8VJewKT9Kslz9fsHQMT7IkM4Va1eJQ1tE-WRHMivezqs66ryr7ogFjxp8FwyzSmc-5QDNKkrLN9btSTFYB8q7ICdnCO9sd2djdhQlqegIgMEwQeIgt0diN2fdysDdDCK-X5jDQMo_1W1Oo8g-yILoHJpQJ9Dgk9sVmhSkmM6kFHCvgxf5oOVHgwQw7THw8FEqm-jt3JG1eM2atj_PKJwxfOqj02-Q6oBJMMUOGhZxFIey1Ijj9smdsrZK49n0FzwAMZme4BafYJHPhXST1xreRWP7el3l__1wbSq-s-VMKcZ7-0js3eYtSCnWgoBzXshSRO4VZZD1KGpCotIFDf589v4aFXIdK3u1RdrtlYgRqOZfGs3Qwvd3ugTxFvXsypK6KT4m1NSWG-B_L36BIplvVHbHqxI9---DN5ynJ-tj8nwLomubH5F_H8_BkYOdSqviS2T2LagMP8gTmVlCeTs79owzeBeG8u0kficcBLjJctS8R07Jsl-dpztsYscY_tztwzy2f92OYCNxtGbiJyXsP0AiEheGtEd5M9Jaew1EzypikT-GkjrtpACfhaL3pWbjyr6IQvoyRsz-hRMu3OwllJnWidsZby1OGsznYKiOGwSDE2W6yzN6hN4C2VwdHQ0Uq_t1roJnU10-z5PmSjo14L_RyWSMTmFG_62C3ZfEsoYOkYBH2qWauBJaf02e-q541EAZFyJCOsfnJM9UO6EJ4AMXLoGXdV2Slj1ZzmskEK6OL1w1sP0Mkev1_7Uuyqb_BQAIEexfLxE
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200519/Turn/CF-160X600_NewsLeftTop.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 6F65 		975 B
621 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3071
cf-polished
origSize=1191
cf-request-id
09b7de16990000c29f4507d000000001
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3nnDl4z7us2%2FTP03V2tjfKnHeeD%2FjTJ%2BaUB%2B1aDSi7bDIZ4So%2FSJRd1bWL1hGRXrR1%2F7G9msM7d2g%2FgzOx5z8GDHFTlrf8ZjB4v%2Bzw1MdYp68tNGzs6d0XU%2F2U0%3D"}],"max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
646ccc6a8e9dc29f-FRA
cf-bgj
minify
idRequest
sync.aralego.com/ Frame 6F65 		46 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Hyattsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
fa1b381fe26c30d1f677deab4833105d8b1cefab157c31c96cfe37c4f2c7262c

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:11 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://adx.doublemax.net
access-control-allow-credentials
true
connection
close
content-length
46
ad_request
ads.aralego.com/ Frame 6F65 		535 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.doublemax.net&u=https%3A%2F%2Fwww.moneydj.com%2F&xr=1&adid=ad-BE778B69BA9E34ABFABE42ABA9BD6B8&w=300&h=600&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.591381606099203&ao=https%3A%2F%2Fwww.moneydj.com
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
a47fd1b0ca47ceb21d1e335d9f4438cdd7c8c11276acd79057ca14a2d4f56d09

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:18:12 GMT
X-Width
300
X-Height
600
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://adx.doublemax.net
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
535
X-AdStyle
banner
fp_decode.html
track.webgains.com/ Frame 714A 		63 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/fp_decode.html?wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TldF9v49ZCmr.S9RdPQSzOy_Aw7UTlf_01kKHoNv_jV.lV9dV8midmcK4rT4yMez9MsZPuVr914VecL57GY5BNv_0TjV.5s_
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept
application/json
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 28 Apr 2021 02:18:11 GMT
Server
Apache
Connection
close
Keep-Alive
timeout=1, max=100
Content-Length
63
Content-Type
application/json
cht_cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame AC39 		807 B
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678

Request headers

:method
GET
:authority
cdn.aralego.net
:scheme
https
:path
/ucfad/cookie/cht_cookieSyncIframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adx.doublemax.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adx.doublemax.net/

Response headers

date
Wed, 28 Apr 2021 02:18:11 GMT
content-type
text/html
set-cookie
__cfduid=dec16c291249e1055576aec12d38b5e701619576291; expires=Fri, 28-May-21 02:18:11 GMT; path=/; domain=.aralego.net; HttpOnly; SameSite=Lax
last-modified
Tue, 11 Aug 2020 08:15:02 GMT
access-control-allow-credentials
true
cache-control
max-age=14400
cf-cache-status
HIT
age
2056
cf-request-id
09b7de176a0000c29ffd219000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wB%2BiU3MIgN8%2FGlilI2HVUAxfmIN8H%2FYIvapCklLr2z%2Bdm0lWKGJF%2Blq%2BoROZPmB9sVbfxc53oEicT3w%2Fvbnnp9Hv%2BERCdkqYaL14J0DDh25r%2FFwik84lSOC%2FeBE%3D"}],"max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
646ccc6bdf84c29f-FRA
content-encoding
br
1x1.png
cdn.aralego.net/img/ Frame 6F65
Redirect Chain
  • https://sync.aralego.com/idsync
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f0d79a70-c676-377b-bbe4-4acc550a180c?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-opTIp19E2oUHCUcBAecfZX07zlzlXrwNkxeZcCg-~A&redirect=
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=ZjBkNzlhNzAtYzY3Ni0zNzdiLWJiZTQtNGFjYzU1MGExODBj&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=ZjBkNzlhNzAtYzY3Ni0zNzdiLWJiZTQtNGFjYzU1MGExODBj&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png&google_tc=
  • https://cdn.aralego.net/img/1x1.png
68 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.aralego.net/img/1x1.png
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:14 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2501
content-length
68
cf-request-id
09b7de25ad0000c29ff7173000000001
last-modified
Wed, 12 Jun 2019 06:09:43 GMT
server
cloudflare
etag
"5d009727-44"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OtYXSRs1HtGi1bOaalfeBoKL7kKBuaLxguzqgclKjuj6HlOkAP6Eov3gU7zfH52h66OCMPHK%2FLQ8po1HBfKg%2BV819uHTX9DEysE7BFWTaFFPr8Eeh9T5AHZyMqg%3D"}],"max_age":604800}
content-type
image/png
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
646ccc82af43c29f-FRA

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cdn.aralego.net/img/1x1.png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
232
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame AC39 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
72c07f7143a03da5c551e7f27b38e6283adde0977d9627c49b1ac862372b6eb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"855 / 902 of 1000 / last-modified: 1619561335"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21058
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:11 GMT
pubads_impl_2021042201.js
securepubads.g.doubleclick.net/gpt/ Frame AC39 		301 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
f9f40e5aa6d80e385e5c15593748db7bfb50fd07cc45c8239a6fad053f63affe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 08:39:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108299
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:11 GMT
integrator.js
adservice.google.ch/adsid/ Frame AC39 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame AC39 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame AC39 		330 B
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=719689469244723&correlator=191512947662159&output=ldjh&impl=fifs&eid=31060789%2C21064366%2C31060839&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cdm=cdn.aralego.net&bc=31&abxe=1&lmt=1597133702&dt=1619576291348&dlt=1619576291196&idt=144&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=64515409&ucis=ryfhj69rw2co&ifi=1&ifk=923963767&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=6&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2Fcht_cookieSyncIframe.html&ref=https%3A%2F%2Fadx.doublemax.net%2F&top=https%3A%2F%2Fadx.doublemax.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=1947742561.1619576291&ga_sid=1619576291&ga_hid=1469759283&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
53cf468682fc23ad6dba1f40088b6cda4b214648f5d141b76a9070f2e644927d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a34cc39bd0f9c9f3519b698b8b451ecd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AC39 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a34cc39bd0f9c9f3519b698b8b451ecd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=6
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame AC39 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=6
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame AC39 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ed10525e0c6738b9e4474ca66b2f9927c528caba7370ec1d632f833ed8b1ef9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6942
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AC39 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame B983 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn.aralego.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn.aralego.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 27 Apr 2021 23:30:56 GMT
expires
Wed, 27 Apr 2022 23:30:56 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10035
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js
pagead2.googlesyndication.com/bg/ Frame B983 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 23:29:18 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
355733
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5672
x-xss-protection
0
expires
Sat, 23 Apr 2022 23:29:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AC39 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042201&jk=719689469244723&bg=!CwilCEzNAAZLnZBaS507ACkAdvg8WpEaoeVzCj1nhHaVlHTbSTpdZ3rDEBOFu7yzZFOiClCVhIj8owIAAAB9UgAAAA1oAQcKAMU5w_5TM27bvgW4DpY5gqKTa6b1YEkWqsQsvz6H8p2uxc_9kO5EvrESuoSoxAeDSHkq0UPTzddzFV-evX8P2Z9ZL_GsIcNUuqQ6XdeF1tTNUotDy5tZPqQGto9okGsUfeYzkzRnU_XWvA4YP0wu1Zgx3nPOGiKnd5MgWNL-GA-_r0mGgvY92aZ14D_0GXU2VqbHhR7-FAvN9RQAcVTZ7iZ_f4FO_B0ivpxIqyzUVQaYMIdPLxse9tlf2I8t3m8x8VOIceiFLpkCu53NhgLaoYRnaTLpVQZOl_q8hFn72DtXvDn3ScMTAa6zdHkE_swsjc0GAYv4sBr2e1_T8_6v526IwQMNrZEKWzWNceWKCd0PodQTD7_OphK2LQkfXRAAEmZq_0hSxKa_HMIp8g0jFvKYOxjGR423JdEmT-Y1u01GyhwXkGWY_PF5nAUgBZ0909_Yvx9usIjWYcZTfh6SjomEZj1K-BXNorZ-N4BKcZhgyT5C5I77fAMv03gHTAoNC7s5FGu9D4cx0lTc66uSKxG57IJLiyZZ_AsE_n_By768eYOclXclHXZZoUa9o7CJ0IcPj5DvdwiDJM2RZ2KaJ8GNSBcLOBQ89cTYPz5Od36Xe7vw52x47mGRcVYRB8BxOerYJQh9n54u1e7Q7cGnhD_oOd4kTi2Atox9KQ4O90d-px6PDd0HsPoY5UNeT75LDVNzLtPot_pXPVGIG3Ex_3aXtC7p6eDBCz40YeUY1ce46B_8qsLlYo-QOurKo-j-0pPW9nRYWGviLsvlgCC1-CpJbMRJfTy_wjhDJA_Aw8_R5pApMo2dGFdnxaaBdUOHzOI8nOydEOvXeqGk9aHT3RsTMdG9Blp6oeMXRvPOdwiWu_7XFxDUew-pik-Zo_dufWz24QF09qunGfoHNucfm8cgTXVxy8jqGZ8jVGfA_QOwbQyAF65hlY_gCk1K2X93jAMoXpgHAH1rVcT-gbV2ejx64XK8kxVxLdf08IpK4zF283Oc_eBk7_1NlohCI9PqKUO2iLoBQu2bX_lfASNPNNMDabW64IEJfDH662OmH-5NKU3WcR0p4ciafGo2ooxRnGXkQLrIfhc7SRXJyLSqDXK5avOwHSSnBpFqw80GkGVwSWRFSJwisEEKVUV5_bSlxTrqxWwjxVFmK982IZi0rAX6UvnNUZiCKI3fPZrd2w3Qw5vqQg
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Server
54.72.18.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-18-9.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 28 Apr 2021 02:18:12 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame 714A 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.18.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-18-9.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.3.27
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Apr 2021 02:18:12 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.3.27
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tech-essence-clk.min.js
analytics-wg.webgains.io/ Frame 714A 		44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-22.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 23:16:20 GMT
via
1.1 bba411d0a1e93905fdec1b327205fbe0.cloudfront.net (CloudFront)
last-modified
Tue, 02 Feb 2021 10:42:29 GMT
server
AmazonS3
age
10912
etag
"8c03dbb33c82f21c7644b0fbe99c300a"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
content-length
45522
x-amz-cf-id
ofOFUoPtDk2gjhH5KNPmQ5RKEyiidwnGegfslTgxN_j_fs9x_B4BdA==
tag
w-it.m-t.io/ Frame 714A 		18 B
205 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/tag?type=impr&date=1619576292051
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:12 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
x-cloud-trace-context
9409751b305200aa427423fbbe4d72f0
cache-control
private
content-length
38
track
w-it.m-t.io/ Frame 714A 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16195762907267_8999509dcd&programId=12607&expiry=1775096290&acc=wg&scriptTag=&type=postview&indicator=df7fdf376058e01a1608907c6397971c&
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context
6e1b1d4aaa7ec7c359477e4c2bd81c1d
server
Google Frontend
date
Wed, 28 Apr 2021 02:18:12 GMT
content-length
0
content-type
application/javascript;charset=utf-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 4ADC 		133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76f4a23d06a4eb1629942669ac3e1b864baf7a756fe52b25fd6ccc243448cb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48376
x-xss-protection
0
server
cafe
etag
7770477186257580779
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 28 Apr 2021 02:18:12 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/ Frame 4ADC 		223 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4126554779393986&plah=adx.doublemax.net&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e5d13a315184e4cc69d5c495682f8e5539478b0f7331165dc63e9aa4f224add0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84531
x-xss-protection
0
server
cafe
etag
5298758904806933499
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 28 Apr 2021 02:18:12 GMT
integrator.js
adservice.google.de/adsid/ Frame 4ADC 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=adx.doublemax.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4126554779393986&plah=adx.doublemax.net&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4ADC 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.doublemax.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4126554779393986&plah=adx.doublemax.net&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 230B 		88 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=3588568482&adk=107357254&adf=1310142530&pi=t.ma~as.3588568482&w=300&psa=0&format=300x600&url=https%3A%2F%2Fwww.moneydj.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576292482&bpp=2&bdt=1511&idt=54&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&correlator=1473286915985&frm=8&ife=1&pv=2&ga_vid=2029476265.1619576293&ga_sid=1619576293&ga_hid=1713067376&ga_fc=0&nhd=6&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=600&ifk=1803030738&scr_x=-12245933&scr_y=-12245933&eid=44740387&oid=3&pvsid=2833835312066929&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cgkpmznvc7qn&fsb=1&dtd=68
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4126554779393986&plah=adx.doublemax.net&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c236a9975b595380f160d96901d0618ccbff311c46d70c944dc82d31ecbc9ee
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNTP6-zvn_ACFcYT4AodwTwE-Q&gqi=5MWIYOeWIofx7gOw3664BQ&layout=/sadbundle/%24csp%253Der3%24/10720351998250112385/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=3588568482&adk=107357254&adf=1310142530&pi=t.ma~as.3588568482&w=300&psa=0&format=300x600&url=https%3A%2F%2Fwww.moneydj.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576292482&bpp=2&bdt=1511&idt=54&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&correlator=1473286915985&frm=8&ife=1&pv=2&ga_vid=2029476265.1619576293&ga_sid=1619576293&ga_hid=1713067376&ga_fc=0&nhd=6&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=600&ifk=1803030738&scr_x=-12245933&scr_y=-12245933&eid=44740387&oid=3&pvsid=2833835312066929&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cgkpmznvc7qn&fsb=1&dtd=68
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adx.doublemax.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adx.doublemax.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNTP6-zvn_ACFcYT4AodwTwE-Q&gqi=5MWIYOeWIofx7gOw3664BQ&layout=/sadbundle/%24csp%253Der3%24/10720351998250112385/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 28 Apr 2021 02:18:12 GMT
server
cafe
content-length
32164
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 28-Apr-2021 02:33:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 28 Apr 2021 02:18:12 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4ADC 		10 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210426&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4126554779393986&plah=adx.doublemax.net&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
827a095d143bc88daf0a40c1ea54a87ce3ed877146bc1d9fb1ef6bff57f6c650
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:18:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7518
x-xss-protection
0
osd.js
www.googletagservices.com/activeview/js/current/ Frame 4ADC 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4126554779393986&plah=adx.doublemax.net&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188783439141"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28201
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:12 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4ADC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4126554779393986&plah=adx.doublemax.net&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:12 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 2EC3 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adx.doublemax.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adx.doublemax.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 27 Apr 2021 23:30:56 GMT
expires
Wed, 27 Apr 2022 23:30:56 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10036
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js
pagead2.googlesyndication.com/bg/ Frame 2EC3 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 23:29:18 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
355734
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5672
x-xss-protection
0
expires
Sat, 23 Apr 2022 23:29:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4ADC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210426&jk=2833835312066929&bg=!l5SllNDNAAZLnZBaS507ACkAdvg8WkbkezXFHFZKJ9osiHMj1mXwIKnZm7R1pr71q-PTuQHCRZ5VFwIAAABqUgAAAA1oAQcKABFKge6nAYNzqBLxqVoM3MgmLZkC0PkxwPs6ylZCt8pYunmNOhydHnT9gKmHNoV_5ny_PPDgcRrsvtgWltrLAEY1WKmEm8L_qnX3fXy0pWWzVPY0mMSNhST8CvEtVjJWNUXSYa55-O6aspFz6hiBbh38siusK3SZ7mAOcbuFlXaPbc13qGOkE-u6m_8ldPwiT8mszS3eTWdCZG91X8bftiIBmDdWzBn21U-a5B1AW6bCFA-spvVoBtvRrCSt_2Kl8kp7duUtwzwkX4cbEtv_o53ZRY7fjjzldA6Q4oV9Nk-N740ey9ZHGHTEf9PU0ja_HQIV8y8zcoRNCT1_d_4DG-6P6V4jGvdbZWsiCrZCQCROIHYtYv8JZyTgwnuK4dCsrPSSfErY5pK17D2zW8t4WUswSSCgXo_vv2z6YaVxYcj_JTvaO20eqZ5vJszHyvxLTtPqjOM3SjGxviG11tAtgqO55YTuwyjf1zWEfEls7vps2RetYz-EhYJIqg_m1hU9UVB9t1HwjKTV0w4ZApkgTcZQq-PCiV5c2iUXbCY2-VSA5JCTGUd7ZAlbODqbluV1vVu41Y5SNYtyGp9tiSbrGvrdMXVrrj8cGRY6yOoxRU2-oYbf1jHSY6oz-YLApRlQ7TKVqOWt-o3DT3E4fWAMw2jrbzbP0Cf_WuIT_Uw400tNsAcoCArkzBPsUduEMzMTPr_IGY5PeXd9zgEFCIsVM1hwy2nUR9EYctd7wztIPpd7sc1rv368Z1d6GlhNsofpeOBSTXnoeqfPTdOt_CkgBaZ9Wq6YOEro7RKFO-cXDcod9GW6zQVkDGKYgcx0kZwyjtKvv8NeVfhoR2fV3V-6i_Zfj4tXpzBEN-fzmjBq5b_MQ_bJeg19LiBmpkIsPkfYw71tfUD37jYBM2rZg5D3BYg5R08onWIEf3y_PPQfO4T6AqpjqbI3ydOXjdkmS4vQGcPkBgv5XLZpSxM5D7VpbvJXt61Fxw
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.doublemax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:18:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/ Frame 10BB 		62 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=3588568482&adk=107357254&adf=1310142530&pi=t.ma~as.3588568482&w=300&psa=0&format=300x600&url=https%3A%2F%2Fwww.moneydj.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576292482&bpp=2&bdt=1511&idt=54&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&correlator=1473286915985&frm=8&ife=1&pv=2&ga_vid=2029476265.1619576293&ga_sid=1619576293&ga_hid=1713067376&ga_fc=0&nhd=6&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=600&ifk=1803030738&scr_x=-12245933&scr_y=-12245933&eid=44740387&oid=3&pvsid=2833835312066929&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cgkpmznvc7qn&fsb=1&dtd=68
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
def51a725fcbf670ed1ca1d44fdfaea4ba74f4ed993d59fd28e8e35d88d2190e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/10720351998250112385/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Tue, 27 Apr 2021 23:18:35 GMT
expires
Wed, 27 Apr 2022 23:18:35 GMT
last-modified
Tue, 06 Apr 2021 13:33:45 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
16675
age
10777
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 230B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CSXma5MWIYNTNIsangAfB-ZDID8uZkvFhhOKig4YOqbj4vrUaEAEg2p6BGmCViriCyAegAZ_n0vkCyAEJqQJgIJPXLEi0PqgDAcgDSKoEuQFP0HAXpBS_zIz55OmILLTi21UkVz21L4Dh3U6yQhClModp4lH5Ab4ZQRhtOquQvvEnUUi9AlqfP0wh4pCZwMouOuVTiMWBQsbNWbIC78HP3cckja5XLrxCZpjQQgmJBkVQx0TwdjHaS5OW56NSbfi7-Qym_pBWv5OUHeh7e3OT1eeuX2z0iPEPelhebyc4X_0BzKhuBLnnqlM51aa-ZXSnP2mi-cMcLj_AEzxhkGApbV0TCNVxOdivKsAE1_HutbADkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8mYrYYBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEM3FBdIICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi00MTI2NTU0Nzc5MzkzOTg2&sigh=38FQP_32maM&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=3588568482&adk=107357254&adf=1310142530&pi=t.ma~as.3588568482&w=300&psa=0&format=300x600&url=https%3A%2F%2Fwww.moneydj.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576292482&bpp=2&bdt=1511&idt=54&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&correlator=1473286915985&frm=8&ife=1&pv=2&ga_vid=2029476265.1619576293&ga_sid=1619576293&ga_hid=1713067376&ga_fc=0&nhd=6&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=600&ifk=1803030738&scr_x=-12245933&scr_y=-12245933&eid=44740387&oid=3&pvsid=2833835312066929&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cgkpmznvc7qn&fsb=1&dtd=68
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=3588568482&adk=107357254&adf=1310142530&pi=t.ma~as.3588568482&w=300&psa=0&format=300x600&url=https%3A%2F%2Fwww.moneydj.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576292482&bpp=2&bdt=1511&idt=54&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&correlator=1473286915985&frm=8&ife=1&pv=2&ga_vid=2029476265.1619576293&ga_sid=1619576293&ga_hid=1713067376&ga_fc=0&nhd=6&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=600&ifk=1803030738&scr_x=-12245933&scr_y=-12245933&eid=44740387&oid=3&pvsid=2833835312066929&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cgkpmznvc7qn&fsb=1&dtd=68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 28 Apr 2021 02:18:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:12 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/ Frame 230B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=3588568482&adk=107357254&adf=1310142530&pi=t.ma~as.3588568482&w=300&psa=0&format=300x600&url=https%3A%2F%2Fwww.moneydj.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576292482&bpp=2&bdt=1511&idt=54&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&correlator=1473286915985&frm=8&ife=1&pv=2&ga_vid=2029476265.1619576293&ga_sid=1619576293&ga_hid=1713067376&ga_fc=0&nhd=6&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=600&ifk=1803030738&scr_x=-12245933&scr_y=-12245933&eid=44740387&oid=3&pvsid=2833835312066929&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cgkpmznvc7qn&fsb=1&dtd=68
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7028
x-xss-protection
0
server
cafe
etag
12352184217982932987
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 02:01:32 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 230B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=3588568482&adk=107357254&adf=1310142530&pi=t.ma~as.3588568482&w=300&psa=0&format=300x600&url=https%3A%2F%2Fwww.moneydj.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576292482&bpp=2&bdt=1511&idt=54&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&correlator=1473286915985&frm=8&ife=1&pv=2&ga_vid=2029476265.1619576293&ga_sid=1619576293&ga_hid=1713067376&ga_fc=0&nhd=6&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=600&ifk=1803030738&scr_x=-12245933&scr_y=-12245933&eid=44740387&oid=3&pvsid=2833835312066929&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cgkpmznvc7qn&fsb=1&dtd=68
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 01:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1768
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 01:48:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 230B 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=3588568482&adk=107357254&adf=1310142530&pi=t.ma~as.3588568482&w=300&psa=0&format=300x600&url=https%3A%2F%2Fwww.moneydj.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576292482&bpp=2&bdt=1511&idt=54&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&correlator=1473286915985&frm=8&ife=1&pv=2&ga_vid=2029476265.1619576293&ga_sid=1619576293&ga_hid=1713067376&ga_fc=0&nhd=6&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=600&ifk=1803030738&scr_x=-12245933&scr_y=-12245933&eid=44740387&oid=3&pvsid=2833835312066929&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cgkpmznvc7qn&fsb=1&dtd=68
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:18:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 230B 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=3588568482&adk=107357254&adf=1310142530&pi=t.ma~as.3588568482&w=300&psa=0&format=300x600&url=https%3A%2F%2Fwww.moneydj.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576292482&bpp=2&bdt=1511&idt=54&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&correlator=1473286915985&frm=8&ife=1&pv=2&ga_vid=2029476265.1619576293&ga_sid=1619576293&ga_hid=1713067376&ga_fc=0&nhd=6&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=600&ifk=1803030738&scr_x=-12245933&scr_y=-12245933&eid=44740387&oid=3&pvsid=2833835312066929&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cgkpmznvc7qn&fsb=1&dtd=68
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 01:41:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2194
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 01:41:38 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame A12C 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=3588568482&adk=107357254&adf=1310142530&pi=t.ma~as.3588568482&w=300&psa=0&format=300x600&url=https%3A%2F%2Fwww.moneydj.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576292482&bpp=2&bdt=1511&idt=54&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&correlator=1473286915985&frm=8&ife=1&pv=2&ga_vid=2029476265.1619576293&ga_sid=1619576293&ga_hid=1713067376&ga_fc=0&nhd=6&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=600&ifk=1803030738&scr_x=-12245933&scr_y=-12245933&eid=44740387&oid=3&pvsid=2833835312066929&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cgkpmznvc7qn&fsb=1&dtd=68
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=3588568482&adk=107357254&adf=1310142530&pi=t.ma~as.3588568482&w=300&psa=0&format=300x600&url=https%3A%2F%2Fwww.moneydj.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576292482&bpp=2&bdt=1511&idt=54&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&correlator=1473286915985&frm=8&ife=1&pv=2&ga_vid=2029476265.1619576293&ga_sid=1619576293&ga_hid=1713067376&ga_fc=0&nhd=6&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=600&ifk=1803030738&scr_x=-12245933&scr_y=-12245933&eid=44740387&oid=3&pvsid=2833835312066929&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cgkpmznvc7qn&fsb=1&dtd=68
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmgoPwiQtQIbstz0eUiEjjlI9u40ks8jPVyNsemttUwJsDzPr-Tptvxj5uhOGs
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=3588568482&adk=107357254&adf=1310142530&pi=t.ma~as.3588568482&w=300&psa=0&format=300x600&url=https%3A%2F%2Fwww.moneydj.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576292482&bpp=2&bdt=1511&idt=54&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&correlator=1473286915985&frm=8&ife=1&pv=2&ga_vid=2029476265.1619576293&ga_sid=1619576293&ga_hid=1713067376&ga_fc=0&nhd=6&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=600&ifk=1803030738&scr_x=-12245933&scr_y=-12245933&eid=44740387&oid=3&pvsid=2833835312066929&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cgkpmznvc7qn&fsb=1&dtd=68

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 28 Apr 2021 01:56:55 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1277
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 10BB 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 17:09:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32927
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 28 Apr 2021 17:09:25 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 10BB 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 23:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 28 Apr 2021 23:11:01 GMT
truncated
/ Frame 230B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3dee75bbf4bf2f40c91a58454d9d19839a2e0c474c6ec9a23859c833331e40fa

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame A12C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=600&slotname=3588568482&adk=107357254&adf=1310142530&pi=t.ma~as.3588568482&w=300&psa=0&format=300x600&url=https%3A%2F%2Fwww.moneydj.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619576292482&bpp=2&bdt=1511&idt=54&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&correlator=1473286915985&frm=8&ife=1&pv=2&ga_vid=2029476265.1619576293&ga_sid=1619576293&ga_hid=1713067376&ga_fc=0&nhd=6&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=600&ifk=1803030738&scr_x=-12245933&scr_y=-12245933&eid=44740387&oid=3&pvsid=2833835312066929&usrc=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cgkpmznvc7qn&fsb=1&dtd=68
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmgoPwiQtQIbstz0eUiEjjlI9u40ks8jPVyNsemttUwJsDzPr-Tptvxj5uhOGs
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 28 Apr 2021 02:18:13 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 28-Apr-2021 03:18:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 28 Apr 2021 02:18:13 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 28 Apr 2021 02:18:13 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js
pagead2.googlesyndication.com/bg/ Frame 10BB 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 23:29:18 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
355735
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5672
x-xss-protection
0
expires
Sat, 23 Apr 2022 23:29:18 GMT
cta_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/ Frame 10BB 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/cta_DE.png
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6c90a9b3443352d72701940c7d481187437570b43156c994ce6a7f90c67eb9e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
93103
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8540
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:33:45 GMT
server
sffe
date
Tue, 27 Apr 2021 00:26:30 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 00:26:30 GMT
fechas_vertical_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/ Frame 10BB 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/fechas_vertical_DE.png
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90e5243c11607e4a858e3edbfcb8f3401bd0cb682c48c1c10b023b9d5e38e7eb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
14941
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13906
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:33:45 GMT
server
sffe
date
Tue, 27 Apr 2021 22:09:12 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 22:09:12 GMT
experiencia_vertical_DE_3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/ Frame 10BB 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/experiencia_vertical_DE_3.png
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e60a3d9e5e60abd14d62324a850de1bd9e7e99d3f2153daf6dd1637cb35b2e67
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
459170
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15206
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:33:45 GMT
server
sffe
date
Thu, 22 Apr 2021 18:45:23 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 18:45:23 GMT
summercamp_vertical_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/ Frame 10BB 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/summercamp_vertical_DE.png
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd3c21db58383e67406558a08962488ed59dc0de0301fc3ee15665b0a7bd71e7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
443814
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16162
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:33:45 GMT
server
sffe
date
Thu, 22 Apr 2021 23:01:19 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 23:01:19 GMT
fondo300x600.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/ Frame 10BB 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/fondo300x600.jpg
Requested by
Host: adx.doublemax.net
URL: https://adx.doublemax.net/image/creative/20200320/Turn/CF-300x600_NewsRightDown.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68f96405ee7361a1d6c8f0749d87ae10e5d2c10c76330d1eb23b92c11a875603
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
69485
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88114
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:33:45 GMT
server
sffe
date
Tue, 27 Apr 2021 07:00:08 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 07:00:08 GMT
truncated
/ Frame 10BB 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
fondo300x600.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/ Frame 10BB 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/fondo300x600.jpg
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68f96405ee7361a1d6c8f0749d87ae10e5d2c10c76330d1eb23b92c11a875603
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
69490
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88114
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:33:45 GMT
server
sffe
date
Tue, 27 Apr 2021 07:00:08 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 07:00:08 GMT
summercamp_vertical_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/ Frame 10BB 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/summercamp_vertical_DE.png
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd3c21db58383e67406558a08962488ed59dc0de0301fc3ee15665b0a7bd71e7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
443819
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16162
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:33:45 GMT
server
sffe
date
Thu, 22 Apr 2021 23:01:19 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 23:01:19 GMT
experiencia_vertical_DE_3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/ Frame 10BB 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/experiencia_vertical_DE_3.png
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e60a3d9e5e60abd14d62324a850de1bd9e7e99d3f2153daf6dd1637cb35b2e67
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
459175
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15206
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:33:45 GMT
server
sffe
date
Thu, 22 Apr 2021 18:45:23 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 18:45:23 GMT
fechas_vertical_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/ Frame 10BB 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/fechas_vertical_DE.png
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90e5243c11607e4a858e3edbfcb8f3401bd0cb682c48c1c10b023b9d5e38e7eb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
14946
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13906
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:33:45 GMT
server
sffe
date
Tue, 27 Apr 2021 22:09:12 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 22:09:12 GMT
cta_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/ Frame 10BB 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/cta_DE.png
Requested by
Host: www.moneydj.com
URL: https://www.moneydj.com/kmdj/news/newsviewer.aspx?a=8a977847-970b-48b2-b188-fbf10b1b2128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6c90a9b3443352d72701940c7d481187437570b43156c994ce6a7f90c67eb9e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
93108
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8540
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:33:45 GMT
server
sffe
date
Tue, 27 Apr 2021 00:26:30 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 00:26:30 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.aralego.com
URL
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-opTIp19E2oUHCUcBAecfZX07zlzlXrwNkxeZcCg-~A&redirect=
Domain
fcm.holmesmind.com
URL
https://fcm.holmesmind.com/cm.php
Domain
ad2.apx.appier.net
URL
https://ad2.apx.appier.net/v1/prebid/bid
Domain
ad2.apx.appier.net
URL
https://ad2.apx.appier.net/v1/prebid/bid
Domain
ad2.apx.appier.net
URL
https://ad2.apx.appier.net/v1/prebid/bid
Domain
ad2.apx.appier.net
URL
https://ad2.apx.appier.net/v1/prebid/bid
Domain
ad2.apx.appier.net
URL
https://ad2.apx.appier.net/v1/prebid/bid

Verdicts & Comments Add Verdict or Comment

361 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| basePath boolean| iMoneyTesting function| bodyLoaded object| googletag object| ggeac object| google_js_reporting_queue function| $ function| jQuery object| KMDJ object| g_VIPWindow function| OpenVip3 number| checkTime function| ReOpenVip3 object| g_XQWWindow number| g_XQWCloseMsgFlag function| OpenXQW number| XQWcheckTime function| ReOpenXQW object| g_XQW_CloseSiteMsgWin function| OpenXQW_CloseSiteMsg function| startWQ function| BackBroker function| expandit function| chkstyle string| g_domain string| b64map string| b64padchar function| hex2b64 function| b64tohex function| b64toBA object| GibberishAES number| dbits number| canary boolean| j_lm function| BigInteger function| nbi function| am1 function| am2 function| am3 number| BI_FP string| BI_RM object| BI_RC number| rr number| vv function| int2char function| intAt function| bnpCopyTo function| bnpFromInt function| nbv function| bnpFromString function| bnpClamp function| bnToString function| bnNegate function| bnAbs function| bnCompareTo function| nbits function| bnBitLength function| bnpDLShiftTo function| bnpDRShiftTo function| bnpLShiftTo function| bnpRShiftTo function| bnpSubTo function| bnpMultiplyTo function| bnpSquareTo function| bnpDivRemTo function| bnMod function| Classic function| cConvert function| cRevert function| cReduce function| cMulTo function| cSqrTo function| bnpInvDigit function| Montgomery function| montConvert function| montRevert function| montReduce function| montSqrTo function| montMulTo function| bnpIsEven function| bnpExp function| bnModPowInt function| Arcfour function| ARC4init function| ARC4next function| prng_newstate number| rng_psize object| rng_state object| rng_pool number| rng_pptr function| rng_seed_int function| rng_seed_time number| t object| ua undefined| z function| rng_get_byte function| rng_get_bytes function| SecureRandom function| parseBigInt function| linebrk function| byte2Hex function| pkcs1pad2 function| RSAKey function| RSASetPublic function| RSADoPublic function| RSAEncrypt string| wikiURL function| parseWikiSubject function| getParent object| hashData object| elmData object| elmHtml function| replaceRegChar function| setWikiLink function| replaceWiki function| highlineWiki function| outerLinkFilter object| dhtmlwindow function| addEventForDhtmlWindow object| dhtmlmodal function| addEventForModal boolean| useJQuery boolean| useCanvas function| ISUseCanvas function| ISuseJQuery string| sBGColor string| sLineColor string| sLogoAlpha string| sLogoBigURL string| sLogoSmallURL number| sDECIMAL object| MbChart object| MchtCls object| MchtObj object| MchtUtil function| Panel function| MyPen object| MbChartColor object| MbChartSetting function| techCalc object| CSD function| CSD2K object| chartLoadObj function| ChartLoad function| HTML5chart function| FlashChart function| getSWF function| quotedstring function| iif function| trim object| aryFunc object| dateFunc object| numFunc object| strFunc object| objFunc function| DP_jQuery_1619576283163 object| dataLayer object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY object| gapi object| ___jsl string| pageType object| ee string| defaultValue string| type object| list string| decode function| checkText string| Forder1 string| Forder2 function| djMenuScript function| MenuGen object| osapi object| gapix object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _atrk_opts object| mixpanel function| fbq function| _fbq function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal object| gaplugins object| gaData object| adxTag function| atrk boolean| _atrk_fired object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| show_AD_960400 function| close_AD_960400 string| Pagefunction function| saveCookie function| getCookieVal function| readCookie function| deleteCookie function| clearCookie function| AD_ButtonTextA407 object| ampInaboxIframes object| ampInaboxPendingMessages object| collectwin function| doCollect object| FB string| BannerData function| GetFormAD function| CheckNewstype function| CheckTitle object| ePic function| showProjectList function| ProjectListResult function| ProjectListGo function| TrancStr object| BehaviorF string| innity_pub string| innity_zone function| innity_adZone function| innity_postbidWrapper function| innity_append_iframe function| innity_write_iframe function| innity_write_feedback object| innity_legacy_ad_settings object| e string| gInnity_auctionID object| gInnity_zone object| 16195762852803e7f5481080b8 string| innity_height string| innity_width string| innity_cat number| totalChunks object| _pop object| _popIn5_config function| Treasure2 object| PopIn6 object| popInGlobal object| PopInGlobal object| PopIn object| JSON3 object| PopIn5Conf object| PopIn5 string| qString object| adsbygoogle undefined| Tynt function| setHome string| id number| google_srt object| google_ad_modifications object| google_logging_queue object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc object| google_sv_map string| google_user_agent_client_hint function| google_sa_impl object| google_persistent_state_async number| google_global_correlator boolean| _gfp_p_ object| google_prev_clients object| google_jobrunner function| TreasureJSONPCallback0 boolean| popInPositionAndStyle string| DJSearchPath number| oTimerId function| Timeout function| ReCalculate function| readQKCookie function| QKHTML function| GetOS

0 Cookies

2 Console Messages

Source Level URL
Text
console-api log URL: https://www.moneydj.com/KMDJ/js/viewcount.js(Line 13)
Message:
[object Object]
console-api log URL: https://analytics.webgains.io/pvClk.min.js(Line 1)
Message:
Webgains [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0a8774b85665cee7386fd9954e38dbde.safeframe.googlesyndication.com
15e2e1f16b5f2f84618a37cb96f8aaf0.safeframe.googlesyndication.com
42cf43a05b23fae3f41055a62480bf8e.safeframe.googlesyndication.com
9fe089ac5a44ca1242abcdc8619b24b1.safeframe.googlesyndication.com
a34cc39bd0f9c9f3519b698b8b451ecd.safeframe.googlesyndication.com
a99382509d01641f1416d73d5c31b2dcf.profile.nrt51-c3.cloudfront.net
ad.holmesmind.com
ad2.apx.appier.net
ad4m.at
ad4mat.net
adcdn.holmesmind.com
ads.aralego.com
adservice.google.ch
adservice.google.com
adservice.google.de
adx.c.appier.net
adx.doublemax.net
ag.innovid.com
agent.aralego.com
analytics-wg.webgains.io
analytics.webgains.io
api.popin.cc
api.webgains.io
apis.google.com
apn.c.appier.net
as.ad4m.at
as.innity.com
assets.ad4m.at
banner-cfnetwork.cdn.hinet.net
bidder.criteo.com
c.holmesmind.com
ccm.holmesmind.com
cdn.aralego.net
cdn.holmesmind.com
cdn.innity.net
cdn.mxpnl.com
certify.alexametrics.com
cm.g.doubleclick.net
cm.lndata.com
cms.quantserve.com
connect.facebook.net
d31qbv1cthcecs.cloudfront.net
diapi.webgains.com
fc386651256b78a5c9b2e79466c235fa.safeframe.googlesyndication.com
fcm.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
image6.pubmatic.com
in.treasuredata.com
inrecsys.popin.cc
log.popin.cc
m.holmesmind.com
match.adsrvr.org
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.scupio.com
prod-rtb.ad4mat.net
r.popin.cc
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.openx.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync.aralego.com
t.ssp.hinet.net
tpc.googlesyndication.com
track.webgains.com
tw.popin.cc
w-it.m-t.io
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.moneydj.com
x.bidswitch.net
ad2.apx.appier.net
fcm.holmesmind.com
sync.aralego.com
103.132.192.30
104.111.224.62
104.111.239.217
116.50.36.71
119.63.198.143
119.63.198.172
119.63.198.188
119.63.198.189
119.81.192.141
13.224.106.22
13.224.106.29
13.224.106.52
13.224.106.61
13.224.106.63
13.224.148.191
142.250.185.194
142.250.186.66
162.210.196.208
172.105.221.240
178.250.2.131
18.195.54.133
185.64.189.115
192.229.233.139
192.96.200.41
2.18.234.21
203.75.214.136
210.59.219.34
210.61.218.12
210.66.210.14
2600:1901:0:76b9::
2600:1901:0:bc29::
2600:9000:2057:a600:3:1794:2540:93a1
2600:9000:206f:ba00:0:e06c:e940:93a1
2606:4700:20::ac43:47fe
2606:4700:20::ac43:4a81
2606:4700:3032::ac43:aa7a
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1450:4001:803::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:813::2013
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200e
2a00:1450:400c:c0a::9b
2a00:1450:400d:804::2001
2a02:2638:1::3
2a02:2638::1c
2a03:2880:f042:10:face:b00c:0:3
2a03:2880:f142:82:face:b00c:0:25de
2a05:d01c:1d8:8100:1c45:c4d6:f2b8:9306
3.115.39.7
34.200.48.161
34.95.67.231
34.96.119.68
34.98.67.61
35.201.76.93
35.227.249.156
35.227.252.103
46.236.13.147
52.12.169.109
52.51.103.64
54.178.71.123
54.72.18.9
69.173.144.138
81.29.72.47
01c7a64c7c7fdb5ec30de2d46555e61d65c49432cf025eceb66b0f4907720f84
0282e0f6178e8571e579219591a7da1e44e728b89cbbc636cc076381cbf9e806
02f37b3b28850ad5836df7adfa4cc16672c7742cd62cfb0150d4ea7a7b0de2ce
056ae0c995e2cb4118407bff91ed2a1365bd563f52b8806ae70ce8d4ce1e7971
0593a255a01933e26823747656a39bc1fc7188582e67ac5223eefa74f7c2c021
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033
0804913fa7882839224c554af6e6ee2bffba0d48a4d5c606c59b1f5a60762af9
086670ac835cb1d6bf72c32a0146baf54f11ba8fd5ef0a2eb77317d9139f5f59
08ea8b5f827ea4d281efb2b160528f1f3c42ee6a3293effd59b371a92915acbc
09f2e86814746e389510ec887015b95e6267a82ad90eeff9f7d58f05f220021f
0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bbe6c00bc9231cc9c2b0709c753f0b10df1a976b8b96e819c84dfdaf734d659
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cd810c7b0062ca026e5f21f80ff89d6f08e1a6736c7601c34bf2b640d664e96
0ce8d906856c74a79a728b8d352992c6eb0e39764d3b683036f1f91c9d3455de
0e8498b114af094c83453b48310a479f069c13ad7381e6944580a2f1da474f89
0ffa0e81ee6f12b33ce0735f49b6efd9e30e3bae86f50084e11247f1ef39d249
106c04904b570c07db36ece67fd06343462f684f7335ba4079b11a1d7238adcf
10890767f8451d896ff77a8156ef0650a5a7f83304e086c8907f9f5c7331445a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1460db1c4f8ed6ce0246518780239ed21a79d4274e1fd4dd50d9acb7c3bb2829
149ffde0cc4b2f720a361d1198d61319766bc657e7a6ee9dbc36bce8d131a6f4
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
1699160349f58f6de31833ab95b03ce6f1f5f9330ae1a869f913c9a62655db01
172ad5c0e034e13c467e0ff8e19402fc6a6d0f729cdde19b063a1bc7a24306bf
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
1a5a63d41ed04ef46d5a8e369dd990d8a49284e0531dce62c523698cb650f214
1b1538ae50fd4837b2d666c53c2001e9d17900be96afe29ad6e0959be25e7406
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c236a9975b595380f160d96901d0618ccbff311c46d70c944dc82d31ecbc9ee
1ccfbddf7c631e79d1f4df3122b139238846fb92446405213d882d3a68a91c29
1d4f6e8496ceeb03a651b50e48e62aaec6074c8c9c4f4ff7a6cab2f728400e21
2017c38c7666321d4753e692db16ae2698267fd6f8fa82c25737901b5f394698
21cc16a48f77005f8c9530b8417975d549ee6ee135851fd71ea5434bae0bcbdf
21fd600f77fa9cdcdf0342229cd39d622a88337ede6a780577454c0d5a7f6df4
2221258151c74d7b31ce133e4a84ffc81569f3282aec1137560de34a0f7b3881
22a3b24ffae61de035e980f880569ae085f732bde05715192e963bfae2be2c8a
232e47c1199ade628e6ab88540abca7c1789da3e79f1788b9a6a6448384df52d
250f32725adf2a833d48acc424fe3708dbc5696eea167652f7e4d76c7159dcd1
267d3023a0ce2ebe1c367a12b5507e4c1ab237d995895204203bb50b274b762e
2699d9ee5aa3b674501132ad996c7ff6dec638cbfcb9a5dc6502909b594443db
2718d43e3dd253a6a4a2997e5f4ee6b3eb8bcd4581453ac3a70b2858f6af2b25
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
29b3782189357c43599acf472dfb2918d89768afab8f5bcc86bac17c16665788
2b87c3a88a9e0434eecab706237d91f41359b555a4f8d48624f3664ce7923b2d
2c47ec141c8b4fc1e0889efffd2deacb7bd6329bbf84826a12cb3821a95e2336
2c8b37d814f6f66fbd36a7e1e2aff7acf9c0275d024cde9c18e717c6d1ddecdd
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2de48caeca325336758b4c67ad25d2995d7f2dc0251b0613effa99b0afc23660
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e25369eac94e1bfce438945d211dd3317b0aa6eb39a3eb94c2a6b34701a5c98
2e27421fef03ae533242b5a35b3a198994db9dc580ed6c5a8977614eba50ee37
2e73791f77b96b34a35920a22df77abfa664441d46662dcb8a806e3a5822874d
2e81e7d122d75e0486ccb69b6d44018119dd64ede682d1af8ff54a4211ee57c9
2ecf5a30cc5942b5bdeb93b211ad172180e824382c169300864e3f024d5d73f4
2ed10525e0c6738b9e4474ca66b2f9927c528caba7370ec1d632f833ed8b1ef9
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f1df89591ec8f48a6dc4ba04688bd9d09d28dc9e49de12ccd40f4627515772c
30ae3a086a91c3252a3a9af0764e1f47a838ebb45e8b019baf04edc4606e347a
34d4193e1e0e261b311e3f5325d1a9b6718146b0ec1d709827d220803d165c8b
350a2e6b4d5770ec3d98a14c8a318c7afb1046f1b163b2b677a867142531f035
36fd029b3bafd141fb21f2c4fb4a832aa48f599e97dd83f9496422f9dd812658
37ed55c7f527462034f604fd9e09aa48d3284f5042c97cba1712f6afd086cb7d
3940065d52f8b53136b319b9a420063253dcece16b6b6e7ea9367595ae655b54
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
3dee75bbf4bf2f40c91a58454d9d19839a2e0c474c6ec9a23859c833331e40fa
3e2d8bd268c51f92869bef967e15d31044c9831dd02d0274b864fb79ab00effc
3f048e73e39dfe007152d73f23869d3645ebb5ad4083e0261a5d00b77492ce63
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
427e11d955882661532a89071884788f31a54cea94684063829a518410aca62f
42e7f2776ebf7c6c73a377024b08dec8fc358251838587b12fa601c131b802bb
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
43e9b31fcde2e99075a1313abc35b1c513cfeea8b59a49c293eb216447bff01d
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
47cca155305638f12c5e191dc08aeb4253b62263fab7f3ac49bdc3002dc661e0
480caf8d247b71c562b2f2e63c824fbcc81d5b07861a752c4db9ff270bb16e2e
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b
4889e841a6e60260687d67cdc9651c20c8535c65c768bc85d2d783553cb640ea
491c6c4a99a8a4ba8b888f73a0004f9436e75a570a16874663472fc4aff78e25
4951158a2076f9a76b457d3ddd0d41e01ac8be72025a468e59b791a447a91314
49d6261225985a4f22a17dc8adc20e6385d26af45ed6ca9c847d31fbaa26259d
49e19dedfbc2eea434d41e36a3d5d83c818febd47a931c1a79f8fecfe264f646
49fc04b260ac1a7702d64ed979d7173a9447a5952b942f3cbe74f363a0569c56
4babe7b03c861ffd20b3cb0bc4f83a6fd404ff3360090f8033db4f7ea393a91e
4bd40758f4ea07ce84f9faec3e5b88429309b006082e16d2ab938e861ac49bde
4d923d819ca2ff5b300761f494357861e57fa2f1ce9a9e1597147196887452ee
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f352d28d3fe7b60091e674db1af430d3aa787e74671affdc2cdde1e7147458d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
513fb49b1a72a1238fd13807a9dafbb44a7017d5a3f6b020ff336c659e3f7bc4
52ca43c7ddac4c3c8d0a803f2bebceae02d3243b34fbcabc640906a4fa04ab19
53cf468682fc23ad6dba1f40088b6cda4b214648f5d141b76a9070f2e644927d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b85078e8213f91293b00f73111d5446826454d1d755339086be35238c019b6
54bcf08b9844662dfb48c7036931003dcbcf7d7fa349ac51b017423b78f0e5a0
54be76c562120111fedd1d782aadbfe6b272f366aca43c53947e572b5bcabfc1
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
5595a592e5e93a111e8b48e225a826b874b635dc219787efedf806d3aa13f223
57d0627e1aae9f74ebe4f63ab1eef5aba18b768ded1ffdc9073f882a7966d38d
57f3a43ca0b1ac17802723d243fc1d1d98aba942f552bfd3f32fd23d361b9690
585ab22137ac81dbfcc514aaea6f01028cc9413ae319a4c88d3aa535765c269b
59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070
5a56c4a33c24512acb74fc34ace69542adda68d36eef84c9c6b0a465ad9cde10
5b4f01e3784c081814429943d9a1cafcaa556bae64e786806e2e757be1fbb013
5c53384eb57611a57a6136766a39fc6deb5da74db2bcc95629cea73f9d87abca
5d165beda02be992179d5c91a58e16cac29e5060d8e8bd477ea5dc67bcff9a78
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678
60af5f48b6f3b11bd8561835200226c064aeb919a45c2618bd7f78a9724b6f67
6106f69094ce902b385e9336f20332ae2df888d53bbc3b1da6c3ab5bbb87d634
611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964
62adbcad511e77b1195ebf117b4dec4bc5c9f32ea5890c95b8923e05b97d2dd8
6391243f1d824be039466dbb88da053d1cbccfed9a41919235ebe15d1dd27b57
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
66d1325c8c80043fe112b0b8006a599e2d318a9f8088ef92863cd6d7bec92e2d
66db8fb6bf267d5b9ef0875af44fbc87a174715f28e065ab3e7a81e1930b720f
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e
678ce45478f188e2c37f414d0b1d92946f4aca2ac58666dd051edf06f2808fb4
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68ba33e806390a8790df5bc803931920314aafe3493f90765424fb2e7c2c5a9c
68f96405ee7361a1d6c8f0749d87ae10e5d2c10c76330d1eb23b92c11a875603
6e31dd0b786fd91dc338ad47d525a36b9fddc0bedf7fe2245b9ac16aa76c9b5a
6ebfc4a255941a51a405c59b3d532ae0afe9cdec2591374ac1ea80d553f5594b
6fe66e14273cf3065df377679f203f98244e41d4dda7dcc4b2cbd00d5125c00f
72c07f7143a03da5c551e7f27b38e6283adde0977d9627c49b1ac862372b6eb9
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7359609d725cc6d82cc30f8358cb33b60bd08b1d9c05b9f7a5ccc230dfcb07f8
747c1f5556fe683bd026a59f3c1656a97e9a415c43ff50cd6f33a8a020f9d354
76159081594b856452bd30f7a7611819904ae6b4071699100f42826c7fa34979
76f4a23d06a4eb1629942669ac3e1b864baf7a756fe52b25fd6ccc243448cb22
774f520ae45df6655ffab3f2f3680a9bd32ffbd9283e4b32893e0d03a383e80a
79a002b68c2f4e69aad0de6feb75b5cddaf84924b336954e782c68cd5cea0130
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a3403bc89fd64b8ac73a2b7da6d99ca1fde1f5fafe1cb6da5dfb8c5a0cc5f6
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7babbacf26a3e7fdb4f85e49d16ab1b851f38fb6e82a682259817821636028b8
7c54b6fc015309c76cff26e2b6147b9ff0371042858fc7636c527b1a3e39f88b
7e924a5af1164b6ffe09c2c9c69d3381a795c48bf83571d2dc903238bfd6e7c8
7e9771aafa927d70fd735020afc98f1aa2c2167f206f43352b6d721d70a856d9
7f7d7878c6c7e664cc9e002ea8cd6fae8b44a61ed6604567c8cc578cc4e32d0c
7fcd4f15c4140d7415b9fe3a9d82595a7ead612ad6b92b9b240b1678e1b02090
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005
827a095d143bc88daf0a40c1ea54a87ce3ed877146bc1d9fb1ef6bff57f6c650
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8452a1cc15705046dd0d5f5b62b74bd212f9440ebdd8c150127815a192e0405a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
8536b5e98da7156d3c79f37ff3cd76d7f793e63b1f8675253643fb78a0056c5f
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
860406da40dabcde2a28290ae1bd4042efba6fa45e0f6e6c81c0424f8f872418
86261953c1068a5868e785e5ad1883d11387c122d573d16fc6ea4f39ae69ebd7
86fc9ce43114d056a4d885a89623c7a1d163bedc94f35260d8abecf94ab516f0
888b1cb2edcdc8d5aef1363603bbf182852d792cbdead4c2ab3eecc38bacc686
8957e2ee20b6aabb9a9350f35fc95f8f0f88cd29651d1ef9e0ac624db0476ca8
8989d049c6d96ef8534368983923e2527f3b899310d6c623e23142823d24ea82
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b0fac12f6bbb9ca9347f6ae2b57877decace3c9a4502a4366cd344381c443ca
8cfc3db164abe7c0d7b7ef05cf17b651898948bc2eca954103d3838db8251586
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8e2e10976cdd3097c116baf8a2fc0c620c72bd2bf654845bc6b0193a19b92e2d
9010e5a841cf0acfb13facfaa2c3318bc8118020ec071d15de099eb9a628fd01
90e5243c11607e4a858e3edbfcb8f3401bd0cb682c48c1c10b023b9d5e38e7eb
9139cc5cfdbdc0aaddafbf5e325198286e32661a8788da905ea377a3f41bb621
915852e0927e016c97825306f47b4e7cc7450fb87de9ae737ed10bdfa63b00bd
92c0f743e3d9afb784030430b40599fbf3ed8a6c1520a6ec69f08ea178912f7f
9445e397b974f431b4f90511551a0ce3986a16ea9076361e5bd58ca3086df069
948b25f25c8c51f39f38aa13a377e3178b6402d8924deece0bdaab039e9ebe64
96d9f76c12ede08214c22b293ae754d9b2978d8eccdbb1c9cead9aba408cddca
9732c47aa3bdd0f00a394bbea03baf1fd15d6f36a4575e14f10937f1ef733f4a
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5
98190df3dbe81118cde191895dfbe06c5f0793670108bdeadd4df4d02d532542
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bb36d1ec58f42e7a5359aa8a20bf228ee07ef0cfd2466682aa1e238f9627cc8
9c975e6d48676798bdc22a92d89aaf3f0a98dc764fe66a7f43dda0dea3389c33
9ca5033e09803bdb9768d4a6c5f823652049ea81c2819e512241364e3e25af02
9d1e7cd507f100a1f1322846a870f5033fb847fcaf1fc5f4892f5ca573c34ee4
a04ff2c6ab7ad41629063483eb23a5edad226bc9529668faecfb162d63bfcb9f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a331001d01439e3d0261be02f7d1efc7877e4405f4a8d88540c061d387743287
a3e992b28060b1a3fdb2c53d8ad146f5e557fe73c88d2b789fcaf1b80502f80d
a47fd1b0ca47ceb21d1e335d9f4438cdd7c8c11276acd79057ca14a2d4f56d09
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a684d680866552f74f63031c8f57cbac5cc301140f2493e8c456d735eb4d0c16
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8c8db0a0ade631142fb7f804bbdde1c08e541ac9eec90c981e1c324c323cc17
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab5a12172c767b9102da6612a1e9220a55a008c30d463ebbda2d9880cb775ca4
af968225577f4253077638acb0a9f8becdddd22e1220cc18ad402fe77bab8a51
b014f174a464163b111888cd2f6b6778d2f02046bc5bc54db7dbba87e6db1b7f
b0bd255c7d798824df55002643ba705cb0b25869bdb494633c63ce6c34cb1d09
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19c02105f57425a446005d1b87222c26148a19432d11cb2a2f04e25f8bae148
b1d4c3a337686c06292a38e20dcdbec4ba9fd2cb2f38c8c2ccf23227f074387f
b2257c7bd2c6e17a9d81bb4d684c52b35b2170419adac8983b91d6e28b06914f
b23267afa1d707f5a280500d8cddc8df14810f33dee697ff83c4484a54c457ea
b308975aadeba3f6ab3008fc1a6b6199b713ebccb5db1161693ed29a0b7b5f49
b48d3aa2c9595d9c107a6c453dfabddc4da44f64a884f37056c13b72f5737153
b507e7b2bedbfde5243a084b804bddc4826f8417aa91787f4aee4d1d2f2401fe
b537701b51c30590bc0c80def4eec320f33598046090228f630fe1bc376f9300
b586b6299996b546ef44061c1c8d4d0c180b68454d475936079695bf90e8c8a4
b6706e124a0a136eaf31540bbe1682073cf43cd947aea6e551b999a927b2c1c6
b6cb7e93c83d942ca281a0e4471f3a94b557aae27c928287dd66896fcfb70ae8
b73762e762ff3bb41cb8231a748b2f39a6afe7edd901ec59dd01861740e9021f
b75789d6c7d14d9c6373ebe3c8327f6752852e67b20cafde2ec233364a2c4675
b86a1909d262f05aff9803d767f9bb9832b1ecb64de5be51dd83f6f4bb492092
bd0f711ce201428d041054d6e97c0c46b5f6d46959f018533c533648af8c507e
be5e1bb54a9c2bc90c59bbb19dc9a43b3dc1e666f7bb0594c1f3939783c2d5f0
bf093b5c9a429e67bd8773c582377500eb7bef4cd2393cd35fec84f762d34f2e
bf863f2e32ddbb22f724ba98db0e898773e13b9ae6fefc8e185c6049b86e1e71
bf9fc023ec6b3b8c22ce8ef08b7514527360ae5f75578bdeded5d4b420dd773f
c01da61acefa343d431689e081cef8259f86e1f355fa85f68b2bfee5d6ebdb96
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c166e077dce4fadadfc17e500c1b9787a6108a9d069b8be8c46af91c5895926c
c17e8dd3d45eac95f0f13efe03628e195ebce435092158aa6617c6627675e700
c2502aaf14c8613f3710775541bc71b11a82a334fba5392b5361e3b2341bf8b3
c3d57d470fc761d3a241b4389a041509526fd9821cb724cfed0eda882f452f4b
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6c90a9b3443352d72701940c7d481187437570b43156c994ce6a7f90c67eb9e
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
c83806ab124918e7d513b5c1688eb33e72eb5123bfebf94c7351d9b96efda642
c8748716913d8745598f8d951fb16ff416f609c3f80675b33616499eb5f21ac1
c8e74b60a68fe6dfaa44e5ec7924fc3852d42c8f12b4107da837a9ad5e99655d
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cabd002c9eadeb0a7a9821198de79064273dd7b8fe6aaacfef789d95150063f8
caef877538e4bd2af9e3a7c2f85b6008d9982bebb9c08908e7b1ee36a847e471
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd3c21db58383e67406558a08962488ed59dc0de0301fc3ee15665b0a7bd71e7
cdb52be92f9209ad479638d0293f2da982ebbccb40a20d779c898abddab16173
cf45de7001e972de07f1467c916648af3011c3f8fef529995136b311d3e07ccc
cfdedced9922001dd8f57a9f6895fc98c2a4f3be61657f85d5e02833e2ac3f88
cfe6fccef40dcb018b0ee80a531aa8df0534a53bdc707eaf9dda3587f2dffb47
d078224b4409d3443f851562e6707e68e258f7c32159f7c3e917eaf8e9e87bac
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d4514f0e58579f9a240c94b04129f825976e112e6da9a29fe7e3e3bac952ab42
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d5b31ebf4f096cec7354dd6d17ca3f2e0763c56ea0a25c642089fbd981cd0558
d605b8016e96843b147169071b1b1442b000a65f71a0cd4b3a7164d4fc9dc282
d66b7cdd626243fb785049bc4c3861d28e53b9317863ac1d5d2eb6b0fc0849f0
d6e530c426e1f8a9fcd59adaad82922ea478b41fd8e1f714ce316b4200247cc9
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
d82926a9f2c0de90e54298a89105eca9647697c6b8283c8461db0e8b34d4e830
d8d63c4af4bac69242b78473a8bf1ddf615cfeaa81c4dccdf042e53ec7250a59
d8da4fc00e7d4ab411ce2d5d205f709cbd4935be6e8f50e897d45ff9e60de503
d9847c41079ae78cba7c182c5989eca1729caa7bbf532df4ceba48bfb14a567b
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
da31a657f332dbdea00bad7b7b791e6507a32140cd22e1bf697ebd4840bb4292
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
dc1076e79e582da826b2ee013367f7cc8d9b2fcd9c54142952bb5810266bef63
dc69cbb04dd6ae64f63a71acdf08c28fc15eaec9204e4b09aec68812572e0707
dc7e978e650c57c6e9a5c293cadbf86c99aaac1f9f1fdbe9f68f121f04c9ecaf
dd7e0f21fb756e7baf6c321c6a895710711a7dca6afa20ac2c7fc1f49ba401e9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def51a725fcbf670ed1ca1d44fdfaea4ba74f4ed993d59fd28e8e35d88d2190e
e00b504aa169ae611abc550b7f609a2be2d0427d8d3029e0c27a94f33fc6874b
e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e460547a0bec74074ab0d70cf8e7fa536492dad7775b975e682a78b37b0e351e
e51c94a436ad04dbd2f2295c65c1c138404500bd4408e290bcba7409a0fb9218
e55db04564069cf9e13c156b85c783ba19ead2ec7614592bbf72c1694ece07d9
e5d13a315184e4cc69d5c495682f8e5539478b0f7331165dc63e9aa4f224add0
e60a3d9e5e60abd14d62324a850de1bd9e7e99d3f2153daf6dd1637cb35b2e67
e61641df53d13dc883a7586f4a43b24545aef0c2d414ac7aaa90159605bc3413
ea3d0687c8ec9ae8abfef997cfefcf86b646f753120de737c1914653b729ecc2
ec4fb247cdece26f52a88d2ece2fad744bf82514515b807b87cc50138c28e0e0
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ed97213e67a6976a59d58039cc4633c0c6cceed4134207f1f1ae6cb015f54737
ee6c0bdc558915efed566a44df847b8078928141d6c6d68fb272637f12177bff
ee8385a10a21c2b80d39740f73b3d682135ea61450e10f0fe9e178786838c8ae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3e9b463af56b1e81e56d5a7da0fe840b1ed804c2c6fc931c88f8bec7a72fcf
f0e1fc73d9c604a2265990bc77779156f7f69b47273c21e064a8445491c9bc8b
f0f9d12ccb4d71455e76a3f7a47dbf3874b4e96c54219d7c3756affcc40d770f
f1c4b0c685e07c923b70f28bacce7a2aa9894beb4e96bbc373401bad66419495
f21a824d68a45b591aa88d898736127554a74ac5edef82a6e403e737c8a3e77e
f36851f555778bcca0fee94e6b673d99431ec704b0bcb1526cda4e38037f4464
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f443a34f019986fc0949e5f4993c6f400337ba74f296ece6fc7e667fd411f92c
f55c328c1980bda462ab2e5457fcf1d8a5a4d5a578f4eaf25ffcb326f99e7345
f55dc50f6554bf0cc63a933da57b95bdf8468ed4f91667cf67554c3652c9c47d
f74dad533f65177fc4ac3d1382e9e9d465e5d7c5ff96a6999cf1d668590e3003
f7788127293dbaf37e098d77504fb8f10ee4c83f052d95b187afb26beb531173
f96ff5c085cc5430ec69c67418f7fde356974d05a8216ea1bdf6cf5974eb169b
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77
f9e35c5d0e1de76846d607627d91fec24cb86f391aaa4d332ebe23b549c26c8e
f9f40e5aa6d80e385e5c15593748db7bfb50fd07cc45c8239a6fad053f63affe
fa1b381fe26c30d1f677deab4833105d8b1cefab157c31c96cfe37c4f2c7262c
fad9001ba06bc6c3b2f88382c76a06b95dbdb13c2e6360b5217a6f9a3b73d5c6
faf25ece760e6b17bf1fb20c60bcc8b1db7adb95f9b65b6dd25ca6f31cbc5569
fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708
fcbe14a8ddb57fc5916dcbce7a41954412ed2559c2696f9be3538b77e108c672
fcc25e5bdf12831cc1c03affb0ff5c24f6a5659cdb12f3015ee993c3167b70f6
fda13765489ea484eb7f3d1a8c71ab1e6ac6ef976ea0cf5976f38000d40ea4ec
fe41f351e5df8307d5a944c96a807067a3d1d8a82af0adde0994796f9713a5b1
ff8595413cb6b638ef484a7e048468e78df087088a9b6c111d6e527b5c5d8587