corona19bandaid.com Open in urlscan Pro
116.126.87.18 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://corona19bandaid.com/
Submission Tags: falconsandbox
Submission: On May 21 via api (May 21st 2021, 8:04:57 am UTC) from US

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 10 domains to perform 30 HTTP transactions. The main IP is 116.126.87.18, located in Daejeon, Korea, Republic Of and belongs to SKB-AS SK Broadband Co Ltd, KR. The main domain is corona19bandaid.com.

This is the only time corona19bandaid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	116.126.87.18 116.126.87.18	9318 (SKB-AS SK...) (SKB-AS SK Broadband Co Ltd)
1 1	27.96.130.131 27.96.130.131	135354 (NBPAP-AS-...) (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD.)
12	210.89.187.123 210.89.187.123	23576 (NHN-AS-KR...) (NHN-AS-KR NAVER Cloud Corp.)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	178.250.0.145 178.250.0.145	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
30	14

1 116.126.87.18 (Daejeon, Korea, Republic Of)

ASN9318 (SKB-AS SK Broadband Co Ltd, KR)

corona19bandaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 27.96.130.131 (Korea, Republic Of) 1 redirects

ASN135354 (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD., SG)

yesnic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 210.89.187.123 (Korea, Republic Of)

ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR)

www.yesnic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.145 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cas.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	yesnic.com 1 redirects yesnic.com www.yesnic.com	261 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	157 KB
3	criteo.com cas.criteo.com cat.fr.eu.criteo.com gum.criteo.com	2 KB
2	doubleclick.net googleads.g.doubleclick.net	5 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	165 B
1	google.de adservice.google.de	165 B
1	google-analytics.com ssl.google-analytics.com	17 KB
1	criteo.net static.criteo.net	37 KB
1	corona19bandaid.com corona19bandaid.com	743 B
30	10

	Domain	Requested by
12	www.yesnic.com	corona19bandaid.com www.yesnic.com
5	pagead2.googlesyndication.com	www.yesnic.com pagead2.googlesyndication.com tpc.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	gum.criteo.com	static.criteo.net
1	cat.fr.eu.criteo.com	www.yesnic.com
1	cas.criteo.com	static.criteo.net
1	ssl.google-analytics.com	www.yesnic.com
1	static.criteo.net	www.yesnic.com
1	yesnic.com	1 redirects
1	corona19bandaid.com
30	14

This site contains no links.

Subject Issuer	Validity	Valid
yesnic.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-10` - `2022-02-16`	2 years	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-03-26` - `2021-06-23`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh

This page contains 6 frames:

Primary Page: http://corona19bandaid.com/
Frame ID: 074333BA38CE8C11053D02F49868D1B4
Requests: 1 HTTP requests in this frame

Frame: https://www.yesnic.com/?_task=fp&_action=basic
Frame ID: 7ADFBA58DEC55784B376B3BDC0CA4CE9
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html
Frame ID: 70ECC226022414B6EA4C9872926A2671
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=corona19bandaid.com
Frame ID: 9CB7742503AFEAD4EEB4831F36C2A30C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4007715589170015&output=html&h=90&slotname=2162713512&adk=2046373911&adf=1416142858&pi=t.ma~as.2162713512&w=728&lmt=1621584280&psa=0&format=728x90&url=https%3A%2F%2Fwww.yesnic.com%2F%3F_task%3Dfp%26_action%3Dbasic&flash=0&wgl=1&dt=1621584280359&bpp=3&bdt=1549&idt=66&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7960213555598&frm=22&ife=1&pv=2&ga_vid=2084136680.1621584280&ga_sid=1621584280&ga_hid=1241582720&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=335&ady=961&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2991944913&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=856695271559593&top=http%3A%2F%2Fcorona19bandaid.com%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.oox1583lx6py&fsb=1&xpc=Pk9Dtkrh2H&p=https%3A//www.yesnic.com&dtd=82
Frame ID: F3E4FE78FAE20553623F813740C9D8E2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 6EE0D0783EEF5AED5C112EA54C3BDCDD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

30
Requests

97 %
HTTPS

67 %
IPv6

10
Domains

14
Subdomains

14
IPs

3
Countries

506 kB
Transfer

919 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://yesnic.com/?_task=fp&_action=basic HTTP 301
https://www.yesnic.com/?_task=fp&_action=basic

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
corona19bandaid.com/ 480 B
743 B 846ms
543ms Document
text/html 116.126.87.18
SKB-AS SK Broadba...

General

Check archive.org

Show headers Download Go to

Full URL: http://corona19bandaid.com/
Protocol: HTTP/1.1
Server: 116.126.87.18 Daejeon, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software: Apache / PHP/5.2.17
Resource Hash: 98a1e2b916326a471dff04d4141dbdbcac0ffd60ed35b7e151c02086f8728f51

Request headers

Host: corona19bandaid.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 08:04:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.17
P3P: CP="NOI CURa ADMa DEVa TAIa OUR DELa BUS IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Length: 480
Connection: close
Content-Type: text/html; charset=euc-kr

GET
H/1.1

200
OK

Cookie set / Show response
www.yesnic.com/ Frame 7ADF
Redirect Chain

http://yesnic.com/?_task=fp&_action=basic
https://www.yesnic.com/?_task=fp&_action=basic

6 KB
6 KB

1948ms
319ms

Document
text/html

210.89.187.123
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/?_task=fp&_action=basic
Requested by: Host: corona19bandaid.com
URL: http://corona19bandaid.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.89.187.123 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 6185db98a26d6a6b1c493b44a65c6691c081d27e26511e8828e89b965fe672c8

Request headers

Host: www.yesnic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: frame
Referer: http://corona19bandaid.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://corona19bandaid.com/

Response headers

Date: Fri, 21 May 2021 08:04:38 GMT
Server: Apache
Set-Cookie: PHPSESSID=7st335rsb2iosfvpd1b2bacb62; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 6016
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Fri, 21 May 2021 08:04:36 GMT
Server: Apache
Location: https://www.yesnic.com/?_task=fp&_action=basic
Content-Length: 258
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK style_forward.css
www.yesnic.com/templates/yesnic/css/ Frame 7ADF 7 KB
7 KB 293ms
292ms Stylesheet
text/css 210.89.187.123
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/templates/yesnic/css/style_forward.css
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.89.187.123 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 2618d563242aacf8282e859c657cf825f6f6c55502213fc0a204b14889d3b134

Request headers

Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 08:04:38 GMT
Last-Modified: Mon, 05 Apr 2021 02:47:50 GMT
Server: Apache
ETag: "1c14-5bf30b933770d"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 7188

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
www.yesnic.com/js/ Frame 7ADF 94 KB
94 KB 299ms
298ms Script
application/javascript 210.89.187.123
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/js/jquery-1.11.3.min.js
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.89.187.123 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 08:04:38 GMT
Last-Modified: Tue, 28 Jul 2015 23:03:01 GMT
Server: Apache
ETag: "176d5-51bf778cb1340"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 95957

GET
H/1.1 200
OK common.js Show response
www.yesnic.com/js/ Frame 7ADF 51 KB
51 KB 586ms
292ms Script
application/javascript 210.89.187.123
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/js/common.js
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.89.187.123 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 71ef4835eb4df0a32a0cd973c096e74ae3f7c854ab47fa54324692766f03b855

Request headers

Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 08:04:39 GMT
Last-Modified: Tue, 15 Dec 2020 04:46:59 GMT
Server: Apache
ETag: "cb05-5b67972fc6e25"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 51973

GET
H/1.1 200
OK apps.js Show response
www.yesnic.com/js/ Frame 7ADF 2 KB
2 KB 804ms
268ms Script
application/javascript 210.89.187.123
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/js/apps.js
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.89.187.123 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 24fe66dfcc1e4089a66b758e679dd49b90b1c185851e35b30e73fd0ee6b542e2

Request headers

Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 08:04:39 GMT
Last-Modified: Fri, 31 Jul 2015 05:23:16 GMT
Server: Apache
ETag: "6f7-51c25045b1900"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 1783

GET
H/1.1 200
OK parking_basic.js Show response
www.yesnic.com/js/ Frame 7ADF 2 KB
3 KB 825ms
275ms Script
application/javascript 210.89.187.123
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/js/parking_basic.js
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.89.187.123 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 896fc0efbce89ba6f9f8e66159b07accacdb09a73641d074f08263770d8989ab

Request headers

Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 08:04:39 GMT
Last-Modified: Wed, 07 Jun 2017 08:04:20 GMT
Server: Apache
ETag: "9a0-5515a2ef0e900"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 2464

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 7ADF 114 KB
37 KB 70ms
24ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070

Request headers

Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 08:04:38 GMT
content-encoding: gzip
last-modified: Mon, 17 May 2021 11:49:39 GMT
server: nginx
etag: W/"60a25853-1c9d1"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 May 2021 08:04:38 GMT

GET
H/1.1 200
OK logo_y_n.gif
www.yesnic.com/templates/yesnic/images/ Frame 7ADF 4 KB
4 KB 292ms
292ms Image
image/gif 210.89.187.123
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yesnic.com/templates/yesnic/images/logo_y_n.gif
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.89.187.123 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 3f2d9802d4d18e31ec0b41fc66e7da3c1cd6373d32c515df61ab8c3127956698

Request headers

Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 08:04:40 GMT
Last-Modified: Thu, 05 Nov 2015 07:41:25 GMT
Server: Apache
ETag: "1035-523c641069340"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 4149

GET
H/1.1 200
OK logo_y_n2.gif
www.yesnic.com/templates/yesnic/images/ Frame 7ADF 2 KB
2 KB 303ms
302ms Image
image/gif 210.89.187.123
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yesnic.com/templates/yesnic/images/logo_y_n2.gif
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.89.187.123 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 25a6dce0e2accd827f705712eda9010ca1ad95dba9f0ffd737b949b55535c4a1

Request headers

Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 08:04:40 GMT
Last-Modified: Thu, 05 Nov 2015 07:41:24 GMT
Server: Apache
ETag: "750-523c640f75100"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 1872

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7ADF 132 KB
47 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 08:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47950
x-xss-protection: 0
server: cafe
etag: 4501822382306722350
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 21 May 2021 08:04:40 GMT

GET
H/1.1 200
OK bulk_check_domain_types_utf.php Show response
www.yesnic.com/js/ Frame 7ADF 7 KB
8 KB 286ms
286ms Script
text/html 210.89.187.123
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/js/bulk_check_domain_types_utf.php
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/js/common.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.89.187.123 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 984d5020888f5a68ac8976c55f7d313ec0850e90e02356c3be4a3d788ea9d9e0

Request headers

Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 08:04:40 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=15, max=99
Content-Length: 7597
Content-Type: text/html; charset=UTF-8

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ Frame 7ADF 45 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6623
date: Fri, 21 May 2021 06:14:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 21 May 2021 08:14:17 GMT

GET
H/1.1 200
OK ban_kr_event1807.gif
www.yesnic.com/templates/yesnic/images/ Frame 7ADF 10 KB
11 KB 304ms
303ms Image
image/gif 210.89.187.123
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yesnic.com/templates/yesnic/images/ban_kr_event1807.gif
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/templates/yesnic/css/style_forward.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.89.187.123 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: c24f56500bf872b49d78667d89a276cce643de788dcc3302734d51710ba542da

Request headers

Referer: https://www.yesnic.com/templates/yesnic/css/style_forward.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 08:04:40 GMT
Last-Modified: Wed, 25 Jul 2018 00:19:05 GMT
Server: Apache
ETag: "29f3-571c7d389b040"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 10739

GET
H/1.1 200
OK parking_main_bg2_y.jpg
www.yesnic.com/templates/yesnic/images/ Frame 7ADF 70 KB
70 KB 275ms
274ms Image
image/jpeg 210.89.187.123
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yesnic.com/templates/yesnic/images/parking_main_bg2_y.jpg
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/templates/yesnic/css/style_forward.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.89.187.123 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 4ebcb7d7a2bbf4a881f8b5b595bacae9af33e656e99390f90b421351340ee42d

Request headers

Referer: https://www.yesnic.com/templates/yesnic/css/style_forward.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 08:04:40 GMT
Last-Modified: Mon, 06 Nov 2017 07:56:56 GMT
Server: Apache
ETag: "117a8-55d4bcc5b0200"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 71592

GET
H/1.1 200
OK bg_input.gif
www.yesnic.com/templates/yesnic/images/ Frame 7ADF 2 KB
2 KB 292ms
292ms Image
image/gif 210.89.187.123
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yesnic.com/templates/yesnic/images/bg_input.gif
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.89.187.123 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: e7f40bbdbdfc693600cd81d54bbdf62aa4ff129775df7725efb8122d8a8da5f0

Request headers

Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 08:04:40 GMT
Last-Modified: Wed, 23 Sep 2015 05:11:17 GMT
Server: Apache
ETag: "823-5206324ee4740"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=96
Content-Length: 2083

GET
H2 200 ajs.php Show response
cas.criteo.com/delivery/ Frame 7ADF 558 B
1 KB 66ms
22ms Script
text/javascript 178.250.0.145
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.criteo.com/delivery/ajs.php?ptv=106&zoneid=806582&cb=53006028853&nodis=1&charset=UTF-8&dc=2&loc=http%3A%2F%2Fcorona19bandaid.com
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.145 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: db47a1ea0a11dff0f735da5e4cdb25a2e96e6e3c9e83863822f33bb316d86f53

Request headers

Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 08:04:39 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP='CUR ADM OUR NOR STA NID'
server-processing-duration-in-ticks: 11063
content-length: 631
pragma: no-cache
server: Microsoft-IIS/10.0
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/ Frame 7ADF 231 KB
85 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4007715589170015&plah=www.yesnic.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 08:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87252
x-xss-protection: 0
server: cafe
etag: 5322897297824761394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 May 2021 08:04:40 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/ Frame 70EC 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210517/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.yesnic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.yesnic.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 20 May 2021 22:33:52 GMT
expires: Thu, 03 Jun 2021 22:33:52 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
age: 34248
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 7ADF 43 B
288 B 53ms
18ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ytZXyLd_AQ3GJv_MYmrHyry6HobbtrXclZSs11iHsiR2NlcKjRZmpKWONI4C_x3A5dqTkCdaRq8WBuyAQz8tLb0smw5xPa3Gey-wAto_K_ciB5kVTtDQ_lGK8fdlAhqL4uQFkI2Gsu1NIxMLMgVMqvjYUol5Uqb6P_j2utdWC6XqjlmCSybq0lVTm6uiUqkTWS_wGlmQQDiG-87Ja2ZNxU8hRZA
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 May 2021 08:04:40 GMT
server: Microsoft-IIS/10.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
server-processing-duration-in-ticks: 4506
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9CB7 0
326 B 47ms
16ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=corona19bandaid.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=corona19bandaid.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.yesnic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=f6f91262-5142-48df-a0d2-798917521945; zdi=*1ZJKkzh1nlEWKSucfpJaQ2Q%253d%253d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.yesnic.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3340
set-cookie: uid=f6f91262-5142-48df-a0d2-798917521945; expires=Sat, 21 May 2022 08:04:39 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Fri, 21 May 2021 08:04:39 GMT
content-length: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7ADF 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.yesnic.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4007715589170015&plah=www.yesnic.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 May 2021 08:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7ADF 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.yesnic.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 May 2021 08:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F3E4 399 B
223 B 243ms
241ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4007715589170015&output=html&h=90&slotname=2162713512&adk=2046373911&adf=1416142858&pi=t.ma~as.2162713512&w=728&lmt=1621584280&psa=0&format=728x90&url=https%3A%2F%2Fwww.yesnic.com%2F%3F_task%3Dfp%26_action%3Dbasic&flash=0&wgl=1&dt=1621584280359&bpp=3&bdt=1549&idt=66&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7960213555598&frm=22&ife=1&pv=2&ga_vid=2084136680.1621584280&ga_sid=1621584280&ga_hid=1241582720&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=335&ady=961&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2991944913&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=856695271559593&top=http%3A%2F%2Fcorona19bandaid.com%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.oox1583lx6py&fsb=1&xpc=Pk9Dtkrh2H&p=https%3A//www.yesnic.com&dtd=82

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51bba9056b482cf0d321a09d24b0c2aa794d4f5e060f44e863a8b3f47cd7b95d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4007715589170015&output=html&h=90&slotname=2162713512&adk=2046373911&adf=1416142858&pi=t.ma~as.2162713512&w=728&lmt=1621584280&psa=0&format=728x90&url=https%3A%2F%2Fwww.yesnic.com%2F%3F_task%3Dfp%26_action%3Dbasic&flash=0&wgl=1&dt=1621584280359&bpp=3&bdt=1549&idt=66&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7960213555598&frm=22&ife=1&pv=2&ga_vid=2084136680.1621584280&ga_sid=1621584280&ga_hid=1241582720&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=335&ady=961&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2991944913&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=856695271559593&top=http%3A%2F%2Fcorona19bandaid.com%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.oox1583lx6py&fsb=1&xpc=Pk9Dtkrh2H&p=https%3A//www.yesnic.com&dtd=82
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.yesnic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.yesnic.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 21 May 2021 08:04:40 GMT
server: cafe
content-length: 200
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 21-May-2021 08:19:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 21 May 2021 08:04:40 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7ADF 73 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 08:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621424113157718"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Fri, 21 May 2021 08:04:40 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7ADF 10 KB
7 KB 27ms
26ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210517&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ab409a754dc2b412f55bcc9bbc4f6279de24489002afbcebdb60512f4f7245c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 May 2021 08:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7ADF 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 08:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 21 May 2021 08:04:41 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 6EE0 12 KB
5 KB 15ms
13ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.yesnic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.yesnic.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 21 May 2021 07:58:18 GMT
expires: Sat, 21 May 2022 07:58:18 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 383
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 zue3njNLpzxGAZrYILNRV_oDQoN1Bf4uoYDHWIdg9NQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 6EE0 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zue3njNLpzxGAZrYILNRV_oDQoN1Bf4uoYDHWIdg9NQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cee7b79e334ba73c46019ad820b35157fa0342837505fe2ea180c7588760f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 06:56:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 90481
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5790
x-xss-protection: 0
expires: Fri, 20 May 2022 06:56:40 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7ADF 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210517&jk=856695271559593&bg=!Xl2lXRnNAAZ7hX_Ue4U7ACkAdvg8WvZgvFMlsoJa6u7XpWGPjIvAtsH582NXDzJIstZ3u7E1349UTwIAAABGUgAAAAtoAQcKAJzkNUYGoWo0X4YraZ26y9QT8C_6Ec-OAjp9pX_PUqchnacMuWRD0EjnHg8PQ9L37NZpiqPCDdsHdxTYHmTsyBcziypgU6lfU0m01yZtVMn9M5Tnf43BiSG7oKcF0dExqKzxlgU-Z-ax7xyGeKujqy8HSO4WP_h59hsmuZzUZMzr0Lriitxkqt0CaukSN_dvnNkpDCfgU0qDM55UF3uZAlzuGqonpJeUd5V4Nq7Ebk6ULn7WjHw0N2bLf5026dyZixDp-6Fn5WWMCKZItRbC_S5jSJFz3dZxTCUKOUrBa-Nu2xQWZp-_DQ4v8bu5OC7KEI84aqO8iQyEypAmqYsv22TyZbMLNhBp0e07WFI0k58ZsOv5AHQTa4pq5MUlVvSdu34QjTeqlaDwzBlDA21hpwfcSc2jJpNbMnfoZFvqZBaIMN-pbTnw3iZH_b2tcpd_iPh3xFwKEXnaePui7ntmUSF9ixk2BYos1f9dAsw6sY5Sfl1bIux4Rww7IUACLU9epfFYM2gNLBevqyKAx5LZAPE58NX1-e0Jmswn4Hjqyif0YEsTHCrHEwB6qfu0NSygYqozAKmB7gGh4SYRFBFTdgVCB14WldUey0-ch0etiuC4ma30nedB9PJBiPYt9zWxmffiK3UDCA8GE742uXblP4gPTHqzRVBJJOuxN2d0dQNT4yRelaOdUNoaKdLAA9WonRx9CpkXHUV6F7ak3GZF1VQ5jVRtUg1Y7uiLFkbmFpmyfHEFQp7pLJbOsmcMwgVUJUhj41gObVhKkAVDBDBUTcXf2qU4vkJ1Ya-JZZY1lFBFqIeNy0i0oR4HaZAjMEJiZIHpLiMmkUnTPT-OYdIViRZCBxL7OLGH4rWcUjfyiVIYmiGEvILocUuxCNGOJNJC7IhbDs7eUg59qiQG7BJeNcHkZhzZy1A5LgjWBsxqfl93IUNeRlVocL_hfsmQx9E1giyAQbT30QMj4U6phQmhoAN-nOOPmvnjDoaqPnqRPl8Mr-6T3vMkqJKKR5ne

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 May 2021 08:04:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.criteo.com/	1970-01-19 18:26:27	Name: zdi Value: *1ZJKkzh1nlEWKSucfpJaQ2Q%253d%253d
.criteo.com/	1970-01-20 03:12:00	Name: uid Value: f6f91262-5142-48df-a0d2-798917521945
.doubleclick.net/	1970-01-19 18:26:25	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cas.criteo.com
cat.fr.eu.criteo.com
corona19bandaid.com
googleads.g.doubleclick.net
gum.criteo.com
pagead2.googlesyndication.com
ssl.google-analytics.com
static.criteo.net
tpc.googlesyndication.com
www.googletagservices.com
www.yesnic.com
yesnic.com
116.126.87.18
178.250.0.145
178.250.0.160
210.89.187.123
27.96.130.131
2a00:1450:4001:800::2002
2a00:1450:4001:803::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:831::2002
2a02:2638:1::13
2a02:2638::3
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
24fe66dfcc1e4089a66b758e679dd49b90b1c185851e35b30e73fd0ee6b542e2
25a6dce0e2accd827f705712eda9010ca1ad95dba9f0ffd737b949b55535c4a1
2618d563242aacf8282e859c657cf825f6f6c55502213fc0a204b14889d3b134
3f2d9802d4d18e31ec0b41fc66e7da3c1cd6373d32c515df61ab8c3127956698
4ab409a754dc2b412f55bcc9bbc4f6279de24489002afbcebdb60512f4f7245c
4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ebcb7d7a2bbf4a881f8b5b595bacae9af33e656e99390f90b421351340ee42d
51bba9056b482cf0d321a09d24b0c2aa794d4f5e060f44e863a8b3f47cd7b95d
59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070
6185db98a26d6a6b1c493b44a65c6691c081d27e26511e8828e89b965fe672c8
66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
71ef4835eb4df0a32a0cd973c096e74ae3f7c854ab47fa54324692766f03b855
896fc0efbce89ba6f9f8e66159b07accacdb09a73641d074f08263770d8989ab
93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668
984d5020888f5a68ac8976c55f7d313ec0850e90e02356c3be4a3d788ea9d9e0
98a1e2b916326a471dff04d4141dbdbcac0ffd60ed35b7e151c02086f8728f51
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
c24f56500bf872b49d78667d89a276cce643de788dcc3302734d51710ba542da
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
cee7b79e334ba73c46019ad820b35157fa0342837505fe2ea180c7588760f4d4
db47a1ea0a11dff0f735da5e4cdb25a2e96e6e3c9e83863822f33bb316d86f53
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f40bbdbdfc693600cd81d54bbdf62aa4ff129775df7725efb8122d8a8da5f0
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

corona19bandaid.com Open in urlscan Pro 116.126.87.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

30 Requests

97 %HTTPS

67 %IPv6

10 Domains

14 Subdomains

14 IPs

3 Countries

506 kBTransfer

919 kBSize

3 Cookies

0 Outgoing links

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

corona19bandaid.com Open in urlscan Pro
116.126.87.18 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

97 %
HTTPS

67 %
IPv6

10
Domains

14
Subdomains

14
IPs

3
Countries

506 kB
Transfer

919 kB
Size

3
Cookies

30 HTTP transactions
0 data transactions