Submitted URL: https://www.money-mint8.com/
Effective URL: https://money-mint8.com/
Submission: On August 20 via automatic, source certstream-suspicious

Summary

This website contacted 16 IPs in 4 countries across 14 domains to perform 97 HTTP transactions. The main IP is 49.212.180.199, located in Japan and belongs to SAKURA-C SAKURA Internet Inc., JP. The main domain is money-mint8.com.
TLS certificate: Issued by R3 on August 20th 2021. Valid for: 3 months.
This is the only time money-mint8.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
26 money-mint8.com money-mint8.com
25 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
14 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
9 pagead2.googlesyndication.com money-mint8.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
4 www.google.com 3 redirects tpc.googlesyndication.com
4 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 ajax.googleapis.com money-mint8.com
tpc.googlesyndication.com
3 s0.2mdn.net tpc.googlesyndication.com
3 webfonts.sakura.ne.jp money-mint8.com
webfonts.sakura.ne.jp
2 www.google-analytics.com money-mint8.com
www.google-analytics.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 secure.gravatar.com money-mint8.com
1 cdn.jsdelivr.net money-mint8.com
1 cdnjs.cloudflare.com money-mint8.com
1 www.money-mint8.com 1 redirects
97 17

This site contains links to these domains. Also see Links.

Domain
feedly.com
Subject Issuer Validity Valid
money-mint8.com
R3
2021-08-20 -
2021-11-18
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-10-21 -
2021-10-20
a year crt.sh
*.sakura.ne.jp
Gehirn Managed Certification Authority - RSA DV
2020-05-28 -
2022-05-28
2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020
2021-04-30 -
2022-06-01
a year crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA
2020-08-14 -
2022-11-16
2 years crt.sh
*.googleadservices.com
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
*.google.de
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
*.google.com
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh

This page contains 14 frames:

Primary Page: https://money-mint8.com/
Frame ID: F01A8F40D47952ADD65B0C491A30CDDE
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html
Frame ID: 389FD33823742CE094B59178EB54CE70
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=2791794151&adk=231095531&adf=1886745555&pi=t.ma~as.2791794151&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691216&bpp=5&bdt=3784&idt=68&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3211875784837&frm=20&pv=2&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CFrDfj3j2M&p=https%3A//money-mint8.com&dtd=83
Frame ID: 0EBA7EC861B5C5FEFB9A55C719EA4E6A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=600&slotname=1087652630&adk=1383628706&adf=3900268082&pi=t.ma~as.1087652630&w=300&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691221&bpp=1&bdt=3789&idt=84&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=1886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=BoYkGPFGxR&p=https%3A//money-mint8.com&dtd=86
Frame ID: D4FCEB3DF14A84FB1C906C2FE3D4D3E0
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=1377219251&adk=2383168834&adf=3951603921&pi=t.ma~as.1377219251&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691222&bpp=1&bdt=3790&idt=87&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C300x600&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=2715&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=i9jaudcHxh&p=https%3A//money-mint8.com&dtd=89
Frame ID: 6DA4754E7AED3DD20CEAC3579341CCA0
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&adk=1812271804&adf=3025194257&lmt=1629455691&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmoney-mint8.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691230&bpp=1&bdt=3798&idt=83&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C300x600%2C336x280&nras=1&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=88
Frame ID: 6F68CFDE2C389D1A42F73179A6E18F6E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15571777935123451843/index.html
Frame ID: 94AB4D9AE0634121F02258E527D022DB
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C6F9DBCE1E3E98BC64AB312609EF0F26
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6516889693327500606/index.html
Frame ID: 318BFEC10437A11F4BDA2A744EF5B941
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17232005278383265105/index.html
Frame ID: 0E2743D6E5F058A38826AAAF1153627C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 1D54A8210380D9B7EDE8FC2313BA6A75
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: E5857419EEA8FA90975AAC2EAFF0D2BA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: ABE81FD68B32A9FDAA7ED8BA81618399
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FFC2E183B2FC7BD21BA98DB11DF3B20E
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

忙しいあなたの代わりに、「お金の悩み」の解決法をご提案します

Page URL History Show full URLs

  1. https://www.money-mint8.com/ HTTP 301
    https://money-mint8.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

97
Requests

100 %
HTTPS

80 %
IPv6

14
Domains

17
Subdomains

16
IPs

4
Countries

1443 kB
Transfer

4023 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.money-mint8.com/ HTTP 301
    https://money-mint8.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 87
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 88
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

97 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
money-mint8.com/
Redirect Chain
  • https://www.money-mint8.com/
  • https://money-mint8.com/
169 KB
23 KB
Document
General
Full URL
https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
9e4d2acb71c88280f3a0361c6812263489541b965826ddf8e2428280e77b6ab4

Request headers

:method
GET
:authority
money-mint8.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Fri, 20 Aug 2021 10:34:46 GMT
content-type
text/html; charset=UTF-8
content-length
23004
vary
Accept-Encoding,Cookie
cache-control
max-age=3, must-revalidate
content-encoding
gzip

Redirect headers

server
nginx
date
Fri, 20 Aug 2021 10:34:46 GMT
content-type
text/html; charset=UTF-8
content-length
26
location
https://money-mint8.com/
vary
Accept-Encoding,Cookie
x-redirect-by
WordPress
content-encoding
gzip
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
4866
date
Fri, 20 Aug 2021 09:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Fri, 20 Aug 2021 11:13:41 GMT
autotrack.js
money-mint8.com/wp-content/plugins/all-in-one-seo-pack/app/Common/Assets/js/
24 KB
8 KB
Script
General
Full URL
https://money-mint8.com/wp-content/plugins/all-in-one-seo-pack/app/Common/Assets/js/autotrack.js?ver=4.1.2.1
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
f3552215efd8efc3354791f2ba0dadb6c449a2009723ec21f832f12b615b80a3

Request headers

:path
/wp-content/plugins/all-in-one-seo-pack/app/Common/Assets/js/autotrack.js?ver=4.1.2.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
money-mint8.com
referer
https://money-mint8.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:47 GMT
content-encoding
gzip
last-modified
Mon, 12 Jul 2021 02:22:05 GMT
server
nginx
etag
"604f-5c6e3c98ead40-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
8004
expires
Fri, 27 Aug 2021 10:34:47 GMT
style.css
money-mint8.com/wp-content/themes/cocoon-master/
210 KB
38 KB
Stylesheet
General
Full URL
https://money-mint8.com/wp-content/themes/cocoon-master/style.css?ver=5.7.2&fver=20210504073603
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
275474994c71c0ba3c291506f91311835a68bf8a76aaa8c8c4c0f2efc0f35a96

Request headers

:path
/wp-content/themes/cocoon-master/style.css?ver=5.7.2&fver=20210504073603
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
money-mint8.com
referer
https://money-mint8.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:47 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 07:36:03 GMT
server
nginx
etag
"34847-5c17c2156dec0-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
38203
expires
Fri, 27 Aug 2021 10:34:47 GMT
keyframes.css
money-mint8.com/wp-content/themes/cocoon-master/
292 B
356 B
Stylesheet
General
Full URL
https://money-mint8.com/wp-content/themes/cocoon-master/keyframes.css?ver=5.7.2&fver=20210504073603
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
d04b1faa2da8b85f4f650a0ed3645bb5aee8b8faa5ce054de1115b315059ad68

Request headers

:path
/wp-content/themes/cocoon-master/keyframes.css?ver=5.7.2&fver=20210504073603
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
money-mint8.com
referer
https://money-mint8.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:47 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 07:36:03 GMT
server
nginx
etag
"124-5c17c2156dec0-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
124
expires
Fri, 27 Aug 2021 10:34:47 GMT
font-awesome.min.css
money-mint8.com/wp-content/themes/cocoon-master/webfonts/fontawesome/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://money-mint8.com/wp-content/themes/cocoon-master/webfonts/fontawesome/css/font-awesome.min.css?ver=5.7.2&fver=20210504073601
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
6f14101998fff51d94efe7f1946d812be542fc3f97b7306ddc116eaeca8fcf7f

Request headers

:path
/wp-content/themes/cocoon-master/webfonts/fontawesome/css/font-awesome.min.css?ver=5.7.2&fver=20210504073601
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
money-mint8.com
referer
https://money-mint8.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:47 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 07:36:01 GMT
server
nginx
etag
"792a-5c17c21385a40-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
7059
expires
Fri, 27 Aug 2021 10:34:47 GMT
style.css
money-mint8.com/wp-content/themes/cocoon-master/webfonts/icomoon/
3 KB
1 KB
Stylesheet
General
Full URL
https://money-mint8.com/wp-content/themes/cocoon-master/webfonts/icomoon/style.css?ver=5.7.2&fver=20210504073603
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
cfcc038eafff1dd7ea8508b07b03b46f1c0cc60fb0d3eb624bc1126b2a613e20

Request headers

:path
/wp-content/themes/cocoon-master/webfonts/icomoon/style.css?ver=5.7.2&fver=20210504073603
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
money-mint8.com
referer
https://money-mint8.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:47 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 07:36:03 GMT
server
nginx
etag
"c02-5c17c2156dec0-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
813
expires
Fri, 27 Aug 2021 10:34:47 GMT
style.css
money-mint8.com/wp-content/themes/cocoon-child-master/
827 B
559 B
Stylesheet
General
Full URL
https://money-mint8.com/wp-content/themes/cocoon-child-master/style.css?ver=5.7.2&fver=20180403104544
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
ee67d51538763a7388ec351771eb0f52861c1cd828470e7ecf29e217a1d6a7ad

Request headers

:path
/wp-content/themes/cocoon-child-master/style.css?ver=5.7.2&fver=20180403104544
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
money-mint8.com
referer
https://money-mint8.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:48 GMT
content-encoding
gzip
last-modified
Tue, 03 Apr 2018 10:45:44 GMT
server
nginx
etag
"33b-568ef688b8600-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
326
expires
Fri, 27 Aug 2021 10:34:48 GMT
screen.min.css
money-mint8.com/wp-content/plugins/table-of-contents-plus/
1 KB
688 B
Stylesheet
General
Full URL
https://money-mint8.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2106&fver=20210712022227
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Request headers

:path
/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2106&fver=20210712022227
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
money-mint8.com
referer
https://money-mint8.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:49 GMT
content-encoding
gzip
last-modified
Mon, 12 Jul 2021 02:22:27 GMT
server
nginx
etag
"484-5c6e3cade5ec0-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
456
expires
Fri, 27 Aug 2021 10:34:49 GMT
style.min.css
money-mint8.com/wp-content/plugins/wp-content-copy-protection/assets/css/
167 B
338 B
Stylesheet
General
Full URL
https://money-mint8.com/wp-content/plugins/wp-content-copy-protection/assets/css/style.min.css?ver=1614608552&fver=20210301022232
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
42b1291f205e30914c1ad28643764cce277a03c4f06d2b828058697c56dcf58f

Request headers

:path
/wp-content/plugins/wp-content-copy-protection/assets/css/style.min.css?ver=1614608552&fver=20210301022232
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
money-mint8.com
referer
https://money-mint8.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:49 GMT
content-encoding
gzip
last-modified
Mon, 01 Mar 2021 14:22:32 GMT
server
nginx
etag
"a7-5bc7a59317a00-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
106
expires
Fri, 27 Aug 2021 10:34:49 GMT
wpp.css
money-mint8.com/wp-content/plugins/wordpress-popular-posts/assets/css/
2 KB
788 B
Stylesheet
General
Full URL
https://money-mint8.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=5.3.5&fver=20210712022229
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
f26d98c3973c7df12d78bbb4164589b59dc42d4797b58471b358364c1005b2d3

Request headers

:path
/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=5.3.5&fver=20210712022229
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
money-mint8.com
referer
https://money-mint8.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:50 GMT
content-encoding
gzip
last-modified
Mon, 12 Jul 2021 02:22:29 GMT
server
nginx
etag
"631-5c6e3cafce340-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
556
expires
Fri, 27 Aug 2021 10:34:50 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 16:11:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66199
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Aug 2022 16:11:28 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/
10 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
903740
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3550
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XLrpoBuLRCzMG0HAIW0OROS97OtKORMcct0Pht1X%2FKQw%2BbKUp5yvSD7BhY%2F1f1ScNcQ6qj4797N6Whi4YoPdp7LEKvBGtUI8d2jfwh9c7hi%2BgxWmNSyh6uTeK6EacEaT%2Fe9ArfVL4CpmQ2FNkMtQILOG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
681af89e9de2176a-FRA
expires
Wed, 10 Aug 2022 10:34:47 GMT
sakurav2.js
webfonts.sakura.ne.jp/js/
22 KB
9 KB
Script
General
Full URL
https://webfonts.sakura.ne.jp/js/sakurav2.js?fadein=0&ver=3.0.0
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
59.106.25.13 , Japan, ASN9370 (SAKURA-B SAKURA Internet Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
70f696fe7667c2b7767e6c369e150a558783860c855316a3e20a85b208bde7bb

Request headers

Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:48 GMT
content-encoding
gzip
last-modified
Tue, 15 Sep 2020 01:44:56 GMT
server
nginx
etag
W/"5f601c98-58cf"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
wpp.min.js
money-mint8.com/wp-content/plugins/wordpress-popular-posts/assets/js/
3 KB
1 KB
Script
General
Full URL
https://money-mint8.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.3.5&fver=20210712022229
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
9a7330fd435eb85d95353f8ff6ce7bcf64fd1156976d819973439c93e27e3875

Request headers

:path
/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.3.5&fver=20210712022229
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
money-mint8.com
referer
https://money-mint8.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:50 GMT
content-encoding
gzip
last-modified
Mon, 12 Jul 2021 02:22:29 GMT
server
nginx
etag
"a05-5c6e3cafce340-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
1193
expires
Fri, 27 Aug 2021 10:34:50 GMT
icomoon.woff
money-mint8.com/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/
12 KB
8 KB
Font
General
Full URL
https://money-mint8.com/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.woff?3o5bkh
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
e08f64e5c56e8de6a33a9b7654c38fdf9465db358d3d1174b32d652bbfdd4d30

Request headers

:path
/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.woff?3o5bkh
pragma
no-cache
origin
https://money-mint8.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
money-mint8.com
referer
https://money-mint8.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://money-mint8.com
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:47 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 07:36:03 GMT
server
nginx
etag
"3124-5c17c2156dec0-gzip"
vary
Accept-Encoding
content-type
application/x-font-woff
accept-ranges
bytes
content-length
7618
icomoon.ttf
money-mint8.com/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/
12 KB
8 KB
Font
General
Full URL
https://money-mint8.com/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.ttf?3o5bkh
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
aa8b2a449f4bd08d60d370bc75b02f2720022e93842a7118f74cec199975a195

Request headers

:path
/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.ttf?3o5bkh
pragma
no-cache
origin
https://money-mint8.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
money-mint8.com
referer
https://money-mint8.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://money-mint8.com
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:47 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 07:36:03 GMT
server
nginx
etag
"30d4-5c17c2156dec0-gzip"
vary
Accept-Encoding
content-type
application/x-font-ttf
accept-ranges
bytes
content-length
7595
fontawesome-webfont.woff2
money-mint8.com/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/
75 KB
76 KB
Font
General
Full URL
https://money-mint8.com/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

:path
/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma
no-cache
origin
https://money-mint8.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
money-mint8.com
referer
https://money-mint8.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://money-mint8.com
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:47 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 07:36:01 GMT
server
nginx
accept-ranges
bytes
etag
"12d68-5c17c21385a40-gzip"
vary
Accept-Encoding
no-image-320.png
money-mint8.com/wp-content/themes/cocoon-master/images/
739 B
973 B
Image
General
Full URL
https://money-mint8.com/wp-content/themes/cocoon-master/images/no-image-320.png
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
cae69e643674ce071a2b636b10b21583a97e9fc958a8f5a21c14d3aff49790b4

Request headers

:path
/wp-content/themes/cocoon-master/images/no-image-320.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
money-mint8.com
referer
https://money-mint8.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:50 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 07:36:00 GMT
server
nginx
etag
"2e3-5c17c21291800-gzip"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
739
expires
Sun, 19 Sep 2021 10:34:50 GMT
javascript.js
money-mint8.com/wp-content/themes/cocoon-master/
7 KB
3 KB
Script
General
Full URL
https://money-mint8.com/wp-content/themes/cocoon-master/javascript.js?ver=5.7.2&fver=20210504073603
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
747b1267a565fe7bb5846ded293c55cd535b012a62920d6e37eaf9d97b478081

Request headers

:path
/wp-content/themes/cocoon-master/javascript.js?ver=5.7.2&fver=20210504073603
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
money-mint8.com
referer
https://money-mint8.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:50 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 07:36:03 GMT
server
nginx
etag
"1b68-5c17c2156dec0-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
2590
expires
Fri, 27 Aug 2021 10:34:50 GMT
javascript.js
money-mint8.com/wp-content/themes/cocoon-child-master/
298 B
455 B
Script
General
Full URL
https://money-mint8.com/wp-content/themes/cocoon-child-master/javascript.js?ver=5.7.2&fver=20180403104544
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
b0bb9969a7c75f2d24e8c08cacb1856ecc281c6759da8ab8c60b43605b8c3b5b

Request headers

:path
/wp-content/themes/cocoon-child-master/javascript.js?ver=5.7.2&fver=20180403104544
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
money-mint8.com
referer
https://money-mint8.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:50 GMT
content-encoding
gzip
last-modified
Tue, 03 Apr 2018 10:45:44 GMT
server
nginx
etag
"12a-568ef688b8600-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
212
expires
Fri, 27 Aug 2021 10:34:50 GMT
front.min.js
money-mint8.com/wp-content/plugins/table-of-contents-plus/
6 KB
3 KB
Script
General
Full URL
https://money-mint8.com/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106&fver=20210712022227
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Request headers

:path
/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106&fver=20210712022227
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
money-mint8.com
referer
https://money-mint8.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:50 GMT
content-encoding
gzip
last-modified
Mon, 12 Jul 2021 02:22:27 GMT
server
nginx
etag
"17cb-5c6e3cade5ec0-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
2349
expires
Fri, 27 Aug 2021 10:34:50 GMT
script.min.js
money-mint8.com/wp-content/plugins/wp-content-copy-protection/assets/js/
1 KB
787 B
Script
General
Full URL
https://money-mint8.com/wp-content/plugins/wp-content-copy-protection/assets/js/script.min.js?ver=1614608552&fver=20210301022232
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
a8c1883b9e9af2d6d6f791d51ef4ba5eebb7e06afbb6ab42ac6067e81373460a

Request headers

:path
/wp-content/plugins/wp-content-copy-protection/assets/js/script.min.js?ver=1614608552&fver=20210301022232
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
money-mint8.com
referer
https://money-mint8.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:50 GMT
content-encoding
gzip
last-modified
Mon, 01 Mar 2021 14:22:32 GMT
server
nginx
etag
"501-5bc7a59317a00-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
545
expires
Fri, 27 Aug 2021 10:34:50 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
139 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66c47e95e2ac18d9e71b1eeb1664d31499133817fa93ea09cde1c228eb13a137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49909
x-xss-protection
0
server
cafe
etag
7723420151934129076
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 20 Aug 2021 10:34:50 GMT
clipboard.min.js
cdn.jsdelivr.net/clipboard.js/1.5.13/
10 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/clipboard.js/1.5.13/clipboard.min.js
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fac02a96e87d9afaa0ccb933490c281386d6f3b3971e419c747fd6e1f5875e1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
4802359
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3469
etag
W/"29b8-SfrX8LNZaoGlcNmIEvoJIzsobb4"
x-served-by
cache-fra19147-FRA
date
Fri, 20 Aug 2021 10:34:50 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
collect
www.google-analytics.com/j/
2 B
207 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1219780697&t=pageview&_s=1&dl=https%3A%2F%2Fmoney-mint8.com%2F&ul=en-us&de=UTF-8&dt=%E5%BF%99%E3%81%97%E3%81%84%E3%81%82%E3%81%AA%E3%81%9F%E3%81%AE%E4%BB%A3%E3%82%8F%E3%82%8A%E3%81%AB%E3%80%81%E3%80%8C%E3%81%8A%E9%87%91%E3%81%AE%E6%82%A9%E3%81%BF%E3%80%8D%E3%81%AE%E8%A7%A3%E6%B1%BA%E6%B3%95%E3%82%92%E3%81%94%E6%8F%90%E6%A1%88%E3%81%97%E3%81%BE%E3%81%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEADAAAAAC~&jid=1867554888&gjid=410772095&cid=1805447397.1629455687&tid=UA-100887476-1&_gid=264146586.1629455687&_r=1&_slc=1&_av=2.4.0&_au=20&did=i5iSjo&z=1588036654
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 10:34:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://money-mint8.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
checkdigit
webfonts.sakura.ne.jp/advance/ref/ja/108/
1 B
185 B
XHR
General
Full URL
https://webfonts.sakura.ne.jp/advance/ref/ja/108/checkdigit?579~Suv0YMk%3D
Requested by
Host: webfonts.sakura.ne.jp
URL: https://webfonts.sakura.ne.jp/js/sakurav2.js?fadein=0&ver=3.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
59.106.25.13 , Japan, ASN9370 (SAKURA-B SAKURA Internet Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
cache
date
Fri, 20 Aug 2021 10:34:51 GMT
server
nginx
etag
"typesquare-use-cache"
x-cache-status
HIT
content-type
text/plain;;charset=UTF-8
access-control-allow-origin
*
cache-control
public, s-maxage=8640000
fde3f117a3d042faf61fcd3a6e3d8e88-320x180.png
money-mint8.com/wp-content/uploads/2019/09/
43 KB
43 KB
Image
General
Full URL
https://money-mint8.com/wp-content/uploads/2019/09/fde3f117a3d042faf61fcd3a6e3d8e88-320x180.png
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
62fd31a661e9a9e0b8ecd35638593814d05821bc32fe2bbfc378864d26f6108a

Request headers

:path
/wp-content/uploads/2019/09/fde3f117a3d042faf61fcd3a6e3d8e88-320x180.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
money-mint8.com
referer
https://money-mint8.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:50 GMT
content-encoding
gzip
last-modified
Fri, 21 Sep 2018 04:43:45 GMT
server
nginx
etag
"ac7d-5765a48db0240-gzip"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
44185
expires
Sun, 19 Sep 2021 10:34:50 GMT
ea9c80788d6e47316bac817d587e777f-320x180.png
money-mint8.com/wp-content/uploads/2019/09/
20 KB
21 KB
Image
General
Full URL
https://money-mint8.com/wp-content/uploads/2019/09/ea9c80788d6e47316bac817d587e777f-320x180.png
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
d9cec9ae54e0b5e0aea4ab7dd37c6ea8c426232963eab9566d9aff24556b7ad4

Request headers

:path
/wp-content/uploads/2019/09/ea9c80788d6e47316bac817d587e777f-320x180.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
money-mint8.com
referer
https://money-mint8.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:50 GMT
content-encoding
gzip
last-modified
Fri, 21 Sep 2018 04:39:12 GMT
server
nginx
etag
"516e-5765a38955c00-gzip"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
20791
expires
Sun, 19 Sep 2021 10:34:50 GMT
9e8745fe7991ba902bd7702786802b24-320x180.png
money-mint8.com/wp-content/uploads/2019/09/
45 KB
46 KB
Image
General
Full URL
https://money-mint8.com/wp-content/uploads/2019/09/9e8745fe7991ba902bd7702786802b24-320x180.png
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
7bbc94f6e8b8f2024e2dbe47ea8b075759f76aa2f04df847dfa22657bfbb325f

Request headers

:path
/wp-content/uploads/2019/09/9e8745fe7991ba902bd7702786802b24-320x180.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
money-mint8.com
referer
https://money-mint8.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:50 GMT
content-encoding
gzip
last-modified
Thu, 20 Sep 2018 05:40:12 GMT
server
nginx
etag
"b4ff-57646f4e52700-gzip"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
46363
expires
Sun, 19 Sep 2021 10:34:50 GMT
64126133bae70b07d2b881f9c22bc27b-320x180.png
money-mint8.com/wp-content/uploads/2019/05/
15 KB
16 KB
Image
General
Full URL
https://money-mint8.com/wp-content/uploads/2019/05/64126133bae70b07d2b881f9c22bc27b-320x180.png
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
50a6260a4cb12df47112cc60941d2936ec212954734c70f0fa1ba6fc30864111

Request headers

:path
/wp-content/uploads/2019/05/64126133bae70b07d2b881f9c22bc27b-320x180.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
money-mint8.com
referer
https://money-mint8.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:50 GMT
content-encoding
gzip
last-modified
Fri, 04 May 2018 06:17:45 GMT
server
nginx
etag
"3d98-56b5b473e1440-gzip"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
15791
expires
Sun, 19 Sep 2021 10:34:50 GMT
1bbd8ceea1ee84e6ee69a28cf55df492-320x180.png
money-mint8.com/wp-content/uploads/2019/04/
15 KB
16 KB
Image
General
Full URL
https://money-mint8.com/wp-content/uploads/2019/04/1bbd8ceea1ee84e6ee69a28cf55df492-320x180.png
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
f3b7d63d1059022ef784acecd8e1e9f6f50c2faae6e8bfcb98f36a4594581c2e

Request headers

:path
/wp-content/uploads/2019/04/1bbd8ceea1ee84e6ee69a28cf55df492-320x180.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
money-mint8.com
referer
https://money-mint8.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:51 GMT
content-encoding
gzip
last-modified
Wed, 25 Apr 2018 04:28:17 GMT
server
nginx
etag
"3ddf-56aa4b32ffa40-gzip"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
15862
expires
Sun, 19 Sep 2021 10:34:51 GMT
6fbc220d07c147581aa85454eeb961fd-320x180.png
money-mint8.com/wp-content/uploads/2019/04/
12 KB
12 KB
Image
General
Full URL
https://money-mint8.com/wp-content/uploads/2019/04/6fbc220d07c147581aa85454eeb961fd-320x180.png
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
3c848decf5e413951239c331286a43897db3faf749b6d54961141ec0e0144baf

Request headers

:path
/wp-content/uploads/2019/04/6fbc220d07c147581aa85454eeb961fd-320x180.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
money-mint8.com
referer
https://money-mint8.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:51 GMT
content-encoding
gzip
last-modified
Mon, 23 Apr 2018 09:34:11 GMT
server
nginx
etag
"308b-56a80bd7d0ac0-gzip"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
12412
expires
Sun, 19 Sep 2021 10:34:51 GMT
whats-income-deduction-for-making-tax-cheaper-320x180.png
money-mint8.com/wp-content/uploads/2018/03/
76 KB
76 KB
Image
General
Full URL
https://money-mint8.com/wp-content/uploads/2018/03/whats-income-deduction-for-making-tax-cheaper-320x180.png
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.199 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2759.sakura.ne.jp
Software
nginx /
Resource Hash
0b10e252974acdc4cf5299e0b0add9b6b023014781382453616339175a07c986

Request headers

:path
/wp-content/uploads/2018/03/whats-income-deduction-for-making-tax-cheaper-320x180.png
pragma
no-cache
cookie
__gads=ID=79900967e65db1bf-22b7dce5b0c900d7:T=1629455691:RT=1629455691:S=ALNI_MaEtYTrVjD1ZP8wfYilExO2I18KtA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
money-mint8.com
referer
https://money-mint8.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:51 GMT
content-encoding
gzip
last-modified
Wed, 05 May 2021 03:23:05 GMT
server
nginx
etag
"12e5f-5c18cb6805840-gzip"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
expires
Sun, 19 Sep 2021 10:34:51 GMT
daa24de90a73fc20460a81480d6a48d4
secure.gravatar.com/avatar/
234 B
509 B
Image
General
Full URL
https://secure.gravatar.com/avatar/daa24de90a73fc20460a81480d6a48d4?s=200&d=blank&r=g
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2ed5b0d9ae5959fa90a26a92a923de7cd8e792c64838d4ccea6e853bd792ab6e

Request headers

Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Fri, 20 Aug 2021 10:34:50 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="daa24de90a73fc20460a81480d6a48d4.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/daa24de90a73fc20460a81480d6a48d4?s=200&d=blank&r=g>; rel="canonical"
content-length
234
expires
Fri, 20 Aug 2021 10:39:50 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/
252 KB
93 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3888403944892583&plah=money-mint8.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5b3b78060934b27d88d694a3f65e5847097f62d5ffc862ae98e5ce482f74da7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95446
x-xss-protection
0
server
cafe
etag
16230733116024533272
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 20 Aug 2021 10:34:51 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/ Frame 389F
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210812/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://money-mint8.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://money-mint8.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 19 Aug 2021 20:11:15 GMT
expires
Thu, 02 Sep 2021 20:11:15 GMT
content-type
text/html; charset=UTF-8
etag
8999110079160743657
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4576
x-xss-protection
0
age
51816
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ab.woff
webfonts.sakura.ne.jp/
17 KB
18 KB
Font
General
Full URL
https://webfonts.sakura.ne.jp/ab.woff
Requested by
Host: money-mint8.com
URL: https://money-mint8.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
59.106.25.13 , Japan, ASN9370 (SAKURA-B SAKURA Internet Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
e2fa69feab176160c642026437a980e8d82132c225290fcfb0c50a333dd31552

Request headers

Origin
https://money-mint8.com
Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:51 GMT
last-modified
Fri, 26 Feb 2021 05:26:27 GMT
server
nginx
etag
"60388683-4578"
x-cache-status
HIT
access-control-max-age
31536000
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
17784
cookie.js
partner.googleadservices.com/gampad/
205 B
662 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=money-mint8.com&callback=_gfp_s_&client=ca-pub-3888403944892583
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3888403944892583&plah=money-mint8.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
f6eb52d6fb472c262b086cbd52ed11b4c39eb200021b3b66597cfd2dd7f6b202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
853 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=money-mint8.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3888403944892583&plah=money-mint8.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 20 Aug 2021 10:34:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=money-mint8.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3888403944892583&plah=money-mint8.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 20 Aug 2021 10:34:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0EBA
102 KB
35 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=2791794151&adk=231095531&adf=1886745555&pi=t.ma~as.2791794151&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691216&bpp=5&bdt=3784&idt=68&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3211875784837&frm=20&pv=2&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CFrDfj3j2M&p=https%3A//money-mint8.com&dtd=83
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3888403944892583&plah=money-mint8.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba5b3faf25044348c404c8bf6c73bb08a9fbd24b28ffcc46e235050a6a6492d6
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17232005278383265105/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17232005278383265105/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNPyor2zv_ICFRT7dwodbbEAzA&gqi=S4UfYY3AE9uU7_UP496S8AQ&layout=/sadbundle/%24csp%253Der3%24/17232005278383265105/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=2791794151&adk=231095531&adf=1886745555&pi=t.ma~as.2791794151&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691216&bpp=5&bdt=3784&idt=68&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3211875784837&frm=20&pv=2&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CFrDfj3j2M&p=https%3A//money-mint8.com&dtd=83
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://money-mint8.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://money-mint8.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17232005278383265105/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17232005278383265105/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNPyor2zv_ICFRT7dwodbbEAzA&gqi=S4UfYY3AE9uU7_UP496S8AQ&layout=/sadbundle/%24csp%253Der3%24/17232005278383265105/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 20 Aug 2021 10:34:51 GMT
server
cafe
content-length
36214
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 20-Aug-2021 10:49:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Aug 2021 10:34:51 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3888403944892583&plah=money-mint8.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1c5b41cc4dec857ca9c9166336dff0dec8f8ba6046aa71927370897143d2784
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:51 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629286089745720"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27752
x-xss-protection
0
expires
Fri, 20 Aug 2021 10:34:51 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D4FC
102 KB
35 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=600&slotname=1087652630&adk=1383628706&adf=3900268082&pi=t.ma~as.1087652630&w=300&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691221&bpp=1&bdt=3789&idt=84&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=1886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=BoYkGPFGxR&p=https%3A//money-mint8.com&dtd=86
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3888403944892583&plah=money-mint8.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1c2699161386c105ea31e6532245bd1a89fd914b52c4e5b925f1ec2964ffb98
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6516889693327500606/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6516889693327500606/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ7-or2zv_ICFcKadwodbiIH1g&gqi=S4UfYdHEE-WT9u8P1LOxgAo&layout=/sadbundle/%24csp%253Der3%24/6516889693327500606/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3888403944892583&output=html&h=600&slotname=1087652630&adk=1383628706&adf=3900268082&pi=t.ma~as.1087652630&w=300&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691221&bpp=1&bdt=3789&idt=84&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=1886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=BoYkGPFGxR&p=https%3A//money-mint8.com&dtd=86
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://money-mint8.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://money-mint8.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6516889693327500606/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6516889693327500606/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ7-or2zv_ICFcKadwodbiIH1g&gqi=S4UfYdHEE-WT9u8P1LOxgAo&layout=/sadbundle/%24csp%253Der3%24/6516889693327500606/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 20 Aug 2021 10:34:51 GMT
server
cafe
content-length
36215
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 20-Aug-2021 10:49:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Aug 2021 10:34:51 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 6DA4
102 KB
36 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=1377219251&adk=2383168834&adf=3951603921&pi=t.ma~as.1377219251&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691222&bpp=1&bdt=3790&idt=87&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C300x600&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=2715&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=i9jaudcHxh&p=https%3A//money-mint8.com&dtd=89
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3888403944892583&plah=money-mint8.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
97d04091146dbf2837cd339ad64b845cdfb1436fdb88861e2143d49b209fd97e
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15571777935123451843/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15571777935123451843/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMXjor2zv_ICFWQSiwodx50KRQ&gqi=S4UfYb7AE93E7_UP5Jmg2AE&layout=/sadbundle/%24csp%253Der3%24/15571777935123451843/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=1377219251&adk=2383168834&adf=3951603921&pi=t.ma~as.1377219251&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691222&bpp=1&bdt=3790&idt=87&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C300x600&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=2715&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=i9jaudcHxh&p=https%3A//money-mint8.com&dtd=89
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://money-mint8.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://money-mint8.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15571777935123451843/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15571777935123451843/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMXjor2zv_ICFWQSiwodx50KRQ&gqi=S4UfYb7AE93E7_UP5Jmg2AE&layout=/sadbundle/%24csp%253Der3%24/15571777935123451843/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 20 Aug 2021 10:34:51 GMT
server
cafe
content-length
36352
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 20-Aug-2021 10:49:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Aug 2021 10:34:51 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 6F68
0
19 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&adk=1812271804&adf=3025194257&lmt=1629455691&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmoney-mint8.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691230&bpp=1&bdt=3798&idt=83&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C300x600%2C336x280&nras=1&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=88
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3888403944892583&plah=money-mint8.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3888403944892583&output=html&adk=1812271804&adf=3025194257&lmt=1629455691&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmoney-mint8.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691230&bpp=1&bdt=3798&idt=83&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C300x600%2C336x280&nras=1&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=88
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://money-mint8.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://money-mint8.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 20 Aug 2021 10:34:51 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 20-Aug-2021 10:49:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Aug 2021 10:34:51 GMT
cache-control
private
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame 6DA4
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=1377219251&adk=2383168834&adf=3951603921&pi=t.ma~as.1377219251&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691222&bpp=1&bdt=3790&idt=87&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C300x600&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=2715&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=i9jaudcHxh&p=https%3A//money-mint8.com&dtd=89
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:01:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1987
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
11770686601635027189
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 10:01:44 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 6DA4
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=1377219251&adk=2383168834&adf=3951603921&pi=t.ma~as.1377219251&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691222&bpp=1&bdt=3790&idt=87&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C300x600&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=2715&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=i9jaudcHxh&p=https%3A//money-mint8.com&dtd=89
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 09:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4895
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 09:13:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6DA4
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=1377219251&adk=2383168834&adf=3951603921&pi=t.ma~as.1377219251&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691222&bpp=1&bdt=3790&idt=87&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C300x600&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=2715&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=i9jaudcHxh&p=https%3A//money-mint8.com&dtd=89
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:51 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629286078051219"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38195
x-xss-protection
0
expires
Fri, 20 Aug 2021 10:34:51 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 6DA4
14 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=1377219251&adk=2383168834&adf=3951603921&pi=t.ma~as.1377219251&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691222&bpp=1&bdt=3790&idt=87&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C300x600&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=2715&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=i9jaudcHxh&p=https%3A//money-mint8.com&dtd=89
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1083
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 10:16:48 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15571777935123451843/ Frame 94AB
3 KB
3 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15571777935123451843/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=1377219251&adk=2383168834&adf=3951603921&pi=t.ma~as.1377219251&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691222&bpp=1&bdt=3790&idt=87&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C300x600&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=2715&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=i9jaudcHxh&p=https%3A//money-mint8.com&dtd=89
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b76202dac2e70f3275295d412ee8956f8cb7a145f212e96be22f1eb17b29f98
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/15571777935123451843/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1314
date
Tue, 17 Aug 2021 07:45:07 GMT
expires
Wed, 17 Aug 2022 07:45:07 GMT
last-modified
Thu, 15 Apr 2021 13:46:21 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
269384
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 6DA4
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Ca5pSS4UfYYWSFOSkrATHu6qoBPzTisJj9tuVy80N7-bz_QgQASCOxuI8YJUCoAH_hK3tA8gBCagDAcgDSKoE1QFP0M1kJKs4TybUbARV1E7OUn5zM9eEF29Rf8rQJWaWp-lt0EkbErF8IdC8mdTaneKadfJalxVkz3bd-3jovo4WcPIWYYABmyn_LDnw08iBHfWz3KqF6GwcpfeUfgTKrWSoM8g-ypKDtGCGejJzHsyGnxd812M2kPbuKd6u-y2oxkOWQVOhS1Ih4WUsHl8EXP4EsMczPtIXTHTiBdAn-UAwDymG2TfcJGml0vqSd48zNd5Dbveq30Y_4R5oJO3l_yqBHRYd7ISuDsYA4Vmeyvj6F6Eg0R_ABNz_xsL4ApIFBAgEGAGSBQQIBRgEoAYugAeS-5odqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEELGzW9IICQiA4YAQEAEYH4AKAcgLAaIMCCoGCgT5nrEC2BMM0BUBgBcBshccChoIABIUcHViLTM4ODg0MDM5NDQ4OTI1ODMYAA&sigh=389vZwL9Nuc&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=1377219251&adk=2383168834&adf=3951603921&pi=t.ma~as.1377219251&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691222&bpp=1&bdt=3790&idt=87&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C300x600&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=2715&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=i9jaudcHxh&p=https%3A//money-mint8.com&dtd=89
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=1377219251&adk=2383168834&adf=3951603921&pi=t.ma~as.1377219251&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691222&bpp=1&bdt=3790&idt=87&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C300x600&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=2715&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=i9jaudcHxh&p=https%3A//money-mint8.com&dtd=89
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 20 Aug 2021 10:34:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 20 Aug 2021 10:34:51 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 94AB
9 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15571777935123451843/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 19:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53941
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 20 Aug 2021 19:35:50 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 94AB
26 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15571777935123451843/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 12:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79038
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 20 Aug 2021 12:37:33 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 94AB
236 KB
63 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15571777935123451843/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Aug 2021 10:34:51 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ Frame 94AB
84 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15571777935123451843/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 05:47:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17253
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Aug 2022 05:47:18 GMT
index.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15571777935123451843/ Frame 94AB
171 KB
23 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15571777935123451843/index.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15571777935123451843/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6be01fe8df01d1848ffe869bd110419db7799a19109341ccbaef1359a797c08
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
288371
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23248
x-xss-protection
0
last-modified
Thu, 15 Apr 2021 13:46:21 GMT
server
sffe
date
Tue, 17 Aug 2021 02:28:40 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 02:28:40 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame C6F9
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=1377219251&adk=2383168834&adf=3951603921&pi=t.ma~as.1377219251&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691222&bpp=1&bdt=3790&idt=87&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C300x600&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=2715&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=i9jaudcHxh&p=https%3A//money-mint8.com&dtd=89
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=1377219251&adk=2383168834&adf=3951603921&pi=t.ma~as.1377219251&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691222&bpp=1&bdt=3790&idt=87&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C300x600&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=2715&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=i9jaudcHxh&p=https%3A//money-mint8.com&dtd=89
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUk97RpUmjpiup2MEnWEpHeoRE-GQ7F3Digc7rZuCFPzuVioCOlusr_wUTZr5ks
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=1377219251&adk=2383168834&adf=3951603921&pi=t.ma~as.1377219251&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691222&bpp=1&bdt=3790&idt=87&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C300x600&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=2715&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=i9jaudcHxh&p=https%3A//money-mint8.com&dtd=89

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 20 Aug 2021 09:42:57 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3114
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 6DA4
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bfdc54b5ea3d8dd9457e30f574b7dfa37b4d0497aee7fa4e09da7ae2540ae8e5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame C6F9
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=1377219251&adk=2383168834&adf=3951603921&pi=t.ma~as.1377219251&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691222&bpp=1&bdt=3790&idt=87&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C300x600&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=2715&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=i9jaudcHxh&p=https%3A//money-mint8.com&dtd=89
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUk97RpUmjpiup2MEnWEpHeoRE-GQ7F3Digc7rZuCFPzuVioCOlusr_wUTZr5ks; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 20 Aug 2021 10:34:51 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 20-Aug-2021 11:34:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Aug 2021 10:34:51 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 20 Aug 2021 10:34:51 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index_atlas_.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15571777935123451843/ Frame 94AB
366 B
392 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15571777935123451843/index_atlas_.png?1583930339705
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=1377219251&adk=2383168834&adf=3951603921&pi=t.ma~as.1377219251&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691222&bpp=1&bdt=3790&idt=87&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C300x600&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=2715&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=i9jaudcHxh&p=https%3A//money-mint8.com&dtd=89
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf22c770b8efd337825b8c95b64243ff1ee5037015dfd8d85f7fe2248df54c26
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
292942
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
366
x-xss-protection
0
last-modified
Thu, 15 Apr 2021 13:46:21 GMT
server
sffe
date
Tue, 17 Aug 2021 01:12:29 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 01:12:29 GMT
Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
pagead2.googlesyndication.com/bg/ Frame 94AB
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:12:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1365
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13491
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 10:12:06 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame D4FC
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=600&slotname=1087652630&adk=1383628706&adf=3900268082&pi=t.ma~as.1087652630&w=300&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691221&bpp=1&bdt=3789&idt=84&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=1886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=BoYkGPFGxR&p=https%3A//money-mint8.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:01:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1988
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
11770686601635027189
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 10:01:44 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame D4FC
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=600&slotname=1087652630&adk=1383628706&adf=3900268082&pi=t.ma~as.1087652630&w=300&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691221&bpp=1&bdt=3789&idt=84&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=1886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=BoYkGPFGxR&p=https%3A//money-mint8.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 09:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4896
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 09:13:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D4FC
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=600&slotname=1087652630&adk=1383628706&adf=3900268082&pi=t.ma~as.1087652630&w=300&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691221&bpp=1&bdt=3789&idt=84&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=1886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=BoYkGPFGxR&p=https%3A//money-mint8.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:52 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629286078051219"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38195
x-xss-protection
0
expires
Fri, 20 Aug 2021 10:34:52 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame D4FC
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=600&slotname=1087652630&adk=1383628706&adf=3900268082&pi=t.ma~as.1087652630&w=300&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691221&bpp=1&bdt=3789&idt=84&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=1886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=BoYkGPFGxR&p=https%3A//money-mint8.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1084
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 10:16:48 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6516889693327500606/ Frame 318B
3 KB
1 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6516889693327500606/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=600&slotname=1087652630&adk=1383628706&adf=3900268082&pi=t.ma~as.1087652630&w=300&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691221&bpp=1&bdt=3789&idt=84&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=1886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=BoYkGPFGxR&p=https%3A//money-mint8.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ef37f82fe8e1569d97ed564c521e02053b5ab0fae41d26b7d4a5e410ffe6266
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/6516889693327500606/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1309
date
Tue, 17 Aug 2021 07:17:48 GMT
expires
Wed, 17 Aug 2022 07:17:48 GMT
last-modified
Thu, 15 Apr 2021 13:47:26 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
271024
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame D4FC
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CcORHS4UfYd6sFMK13gPuxJywDfzTisJj9uqVy80N7-bz_QgQASCOxuI8YJUCoAH_hK3tA8gBCagDAcgDSKoE1QFP0CTH_y5-A7ikwS2v0KcCbkMbyi3vr_Xje3_-rmvrTPDSNszNPpet1LfjkjdMikpYFuaraYKvuxgyE4xIhzdIXBn3di9D_w3aHCUHxlriBk_fgosfnskIuAloyVu-yV7QbhZBWiJyrUYFjXXqkG5BNhjdFopfc4wPq4YrYQ-87k4WcPAryaI02_DVDS8cSTwXbTyNaqTCd-iibcEwNwvkMc5z2wBxwixnoLpDxQZRODM7pCKahncjHVb0tEtTFQX6yuiQiO4D1wxmI6UBN1g4tch8HyfABNz_xsL4ApIFBAgEGAGSBQQIBRgEoAYugAeS-5odqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEELKmFtIICQiA4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi0zODg4NDAzOTQ0ODkyNTgzGAA&sigh=xdFS4c_kFfk&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=600&slotname=1087652630&adk=1383628706&adf=3900268082&pi=t.ma~as.1087652630&w=300&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691221&bpp=1&bdt=3789&idt=84&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=1886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=BoYkGPFGxR&p=https%3A//money-mint8.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=600&slotname=1087652630&adk=1383628706&adf=3900268082&pi=t.ma~as.1087652630&w=300&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691221&bpp=1&bdt=3789&idt=84&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=1886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=BoYkGPFGxR&p=https%3A//money-mint8.com&dtd=86
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 20 Aug 2021 10:34:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame 0EBA
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=2791794151&adk=231095531&adf=1886745555&pi=t.ma~as.2791794151&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691216&bpp=5&bdt=3784&idt=68&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3211875784837&frm=20&pv=2&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CFrDfj3j2M&p=https%3A//money-mint8.com&dtd=83
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:01:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1988
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
11770686601635027189
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 10:01:44 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 0EBA
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=2791794151&adk=231095531&adf=1886745555&pi=t.ma~as.2791794151&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691216&bpp=5&bdt=3784&idt=68&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3211875784837&frm=20&pv=2&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CFrDfj3j2M&p=https%3A//money-mint8.com&dtd=83
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 09:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4896
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 09:13:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0EBA
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=2791794151&adk=231095531&adf=1886745555&pi=t.ma~as.2791794151&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691216&bpp=5&bdt=3784&idt=68&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3211875784837&frm=20&pv=2&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CFrDfj3j2M&p=https%3A//money-mint8.com&dtd=83
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:52 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629286078051219"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38195
x-xss-protection
0
expires
Fri, 20 Aug 2021 10:34:52 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 0EBA
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=2791794151&adk=231095531&adf=1886745555&pi=t.ma~as.2791794151&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691216&bpp=5&bdt=3784&idt=68&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3211875784837&frm=20&pv=2&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CFrDfj3j2M&p=https%3A//money-mint8.com&dtd=83
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1084
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 10:16:48 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17232005278383265105/ Frame 0E27
2 KB
1 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17232005278383265105/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=2791794151&adk=231095531&adf=1886745555&pi=t.ma~as.2791794151&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691216&bpp=5&bdt=3784&idt=68&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3211875784837&frm=20&pv=2&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CFrDfj3j2M&p=https%3A//money-mint8.com&dtd=83
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
499894c6fe72135a0944b9e732f3ebb3734534af89c8953934de2715647ddb5f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/17232005278383265105/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1163
date
Mon, 16 Aug 2021 20:35:24 GMT
expires
Tue, 16 Aug 2022 20:35:24 GMT
last-modified
Thu, 15 Apr 2021 13:48:04 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
309568
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 0EBA
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CMZVyS4UfYZOhFJT23wPt4oLgDPzTisJjo8fUzt0N7-bz_QgQASCOxuI8YJUCoAH_hK3tA8gBCagDAcgDSKoE2AFP0Oeomq9v8RPxGmrcTiZhbOx9AdgbeQpB2FuGATMXnn89UZ8l_Scht-5l67bND4P7BPb6tEblWcupTGlIa2ph8XttLUwMPTIYgKr5eqhNe-hVR7821Wgucz4ewNJZkQFCVdTz5W6y9kw8w_U7WZAgBeDLv0VyaqJiRK23faoojKGC29Ub0E2FT_XVARMO0TQX-rM7_P8r7-P1yMbHIOtXF8EPOdJlfkZwV47lN_bVMW6l6wLB6yAUxEjMe7a4iS1Q3iN6TPiwoAsZdPeC2PFoU0xOk73Rdk7ABPSBx8L4ApIFBAgEGAGSBQQIBRgEoAYugAeS-5odqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEENmLU9IICQiA4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi0zODg4NDAzOTQ0ODkyNTgzGAA&sigh=-B4nQFEMFAM&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=2791794151&adk=231095531&adf=1886745555&pi=t.ma~as.2791794151&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691216&bpp=5&bdt=3784&idt=68&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3211875784837&frm=20&pv=2&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CFrDfj3j2M&p=https%3A//money-mint8.com&dtd=83
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=2791794151&adk=231095531&adf=1886745555&pi=t.ma~as.2791794151&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691216&bpp=5&bdt=3784&idt=68&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3211875784837&frm=20&pv=2&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CFrDfj3j2M&p=https%3A//money-mint8.com&dtd=83
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 20 Aug 2021 10:34:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1D54
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=600&slotname=1087652630&adk=1383628706&adf=3900268082&pi=t.ma~as.1087652630&w=300&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691221&bpp=1&bdt=3789&idt=84&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=1886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=BoYkGPFGxR&p=https%3A//money-mint8.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=600&slotname=1087652630&adk=1383628706&adf=3900268082&pi=t.ma~as.1087652630&w=300&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691221&bpp=1&bdt=3789&idt=84&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=1886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=BoYkGPFGxR&p=https%3A//money-mint8.com&dtd=86
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUk97RpUmjpiup2MEnWEpHeoRE-GQ7F3Digc7rZuCFPzuVioCOlusr_wUTZr5ks; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=600&slotname=1087652630&adk=1383628706&adf=3900268082&pi=t.ma~as.1087652630&w=300&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691221&bpp=1&bdt=3789&idt=84&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=1886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=BoYkGPFGxR&p=https%3A//money-mint8.com&dtd=86

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 20 Aug 2021 09:42:57 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3115
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame E585
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=2791794151&adk=231095531&adf=1886745555&pi=t.ma~as.2791794151&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691216&bpp=5&bdt=3784&idt=68&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3211875784837&frm=20&pv=2&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CFrDfj3j2M&p=https%3A//money-mint8.com&dtd=83
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=2791794151&adk=231095531&adf=1886745555&pi=t.ma~as.2791794151&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691216&bpp=5&bdt=3784&idt=68&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3211875784837&frm=20&pv=2&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CFrDfj3j2M&p=https%3A//money-mint8.com&dtd=83
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUk97RpUmjpiup2MEnWEpHeoRE-GQ7F3Digc7rZuCFPzuVioCOlusr_wUTZr5ks; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=2791794151&adk=231095531&adf=1886745555&pi=t.ma~as.2791794151&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691216&bpp=5&bdt=3784&idt=68&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3211875784837&frm=20&pv=2&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CFrDfj3j2M&p=https%3A//money-mint8.com&dtd=83

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 20 Aug 2021 09:42:57 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3115
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame D4FC
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
286d3b862c6f794c0e5d11fc0468a8c8a1d7f45f7cd6d211e4273c472cb3a919

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 318B
9 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6516889693327500606/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 19:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53942
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 20 Aug 2021 19:35:50 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 318B
26 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6516889693327500606/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 12:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79039
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 20 Aug 2021 12:37:33 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 318B
236 KB
63 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6516889693327500606/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Aug 2021 10:34:52 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ Frame 318B
84 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6516889693327500606/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 05:47:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17254
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Aug 2022 05:47:18 GMT
index.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6516889693327500606/ Frame 318B
161 KB
39 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6516889693327500606/index.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6516889693327500606/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e65dbbe5b03da4fc6a7a8096ed9ab485143c840d795fd2d6ac6e62f46f2cbdbe
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
288305
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40389
x-xss-protection
0
last-modified
Thu, 15 Apr 2021 13:47:26 GMT
server
sffe
date
Tue, 17 Aug 2021 02:29:47 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 02:29:47 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 0E27
9 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17232005278383265105/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 19:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53942
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 20 Aug 2021 19:35:50 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0E27
26 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17232005278383265105/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 12:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79039
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 20 Aug 2021 12:37:33 GMT
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 0E27
186 KB
48 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17232005278383265105/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49100
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Aug 2021 10:34:52 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ Frame 0E27
84 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17232005278383265105/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 05:47:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17254
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Aug 2022 05:47:18 GMT
index.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17232005278383265105/ Frame 0E27
232 KB
52 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17232005278383265105/index.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17232005278383265105/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c500ded683ea548030aea3e0e890cb03b6b41012fa9abf994b81812f844342d4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
308085
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53381
x-xss-protection
0
last-modified
Thu, 15 Apr 2021 13:48:04 GMT
server
sffe
date
Mon, 16 Aug 2021 21:00:07 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Aug 2022 21:00:07 GMT
truncated
/ Frame 0EBA
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fc9ed966f8e59e2590a64432de0caaf3a9ae43e42ae12234674731937c9118a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1D54
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=600&slotname=1087652630&adk=1383628706&adf=3900268082&pi=t.ma~as.1087652630&w=300&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691221&bpp=1&bdt=3789&idt=84&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=1886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=BoYkGPFGxR&p=https%3A//money-mint8.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUk97RpUmjpiup2MEnWEpHeoRE-GQ7F3Digc7rZuCFPzuVioCOlusr_wUTZr5ks; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 20 Aug 2021 10:34:52 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 20-Aug-2021 11:34:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Aug 2021 10:34:52 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 20 Aug 2021 10:34:52 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame E585
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=280&slotname=2791794151&adk=231095531&adf=1886745555&pi=t.ma~as.2791794151&w=336&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=3&psa=0&format=336x280&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691216&bpp=5&bdt=3784&idt=68&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=3211875784837&frm=20&pv=2&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CFrDfj3j2M&p=https%3A//money-mint8.com&dtd=83
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUk97RpUmjpiup2MEnWEpHeoRE-GQ7F3Digc7rZuCFPzuVioCOlusr_wUTZr5ks; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 20 Aug 2021 10:34:52 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 20-Aug-2021 11:34:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Aug 2021 10:34:52 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 20 Aug 2021 10:34:52 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index_atlas_.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6516889693327500606/ Frame 318B
10 KB
10 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6516889693327500606/index_atlas_.png?1581515518564
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3888403944892583&output=html&h=600&slotname=1087652630&adk=1383628706&adf=3900268082&pi=t.ma~as.1087652630&w=300&fwrn=4&fwrnh=100&lmt=1629455691&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fmoney-mint8.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629455691221&bpp=1&bdt=3789&idt=84&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=3211875784837&frm=20&pv=1&ga_vid=1805447397.1629455687&ga_sid=1629455691&ga_hid=1219780697&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=1886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066109%2C44747620%2C20211866%2C31062297&oid=3&pvsid=3396615564706669&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=BoYkGPFGxR&p=https%3A//money-mint8.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
472af782e0e4309583789263a1f51e00ba8504274ebc1797c62049648557c574
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
251221
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10604
x-xss-protection
0
last-modified
Thu, 15 Apr 2021 13:47:26 GMT
server
sffe
date
Tue, 17 Aug 2021 12:47:51 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:47:51 GMT
Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
pagead2.googlesyndication.com/bg/ Frame 318B
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:12:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13491
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 10:12:06 GMT
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210812&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3888403944892583&plah=money-mint8.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf216a3d62ebc4df15d9c1a3ce059abb5d84a30daf61d52976ce256c82dc7d38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 20 Aug 2021 10:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8479
x-xss-protection
0
Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
pagead2.googlesyndication.com/bg/ Frame 0E27
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:12:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13491
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 10:12:06 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3888403944892583&plah=money-mint8.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 20 Aug 2021 10:34:52 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame ABE8
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://money-mint8.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://money-mint8.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 20 Aug 2021 10:30:57 GMT
expires
Sat, 20 Aug 2022 10:30:57 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
235
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame FFC2
783 B
532 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2a3a9b471470d4a2f7ef9d00a796b124f15af53df95e7c693814bdfc40995e6e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AJT0qQN+DueVRT+rCzN8MA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://money-mint8.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://money-mint8.com/

Response headers

expires
Fri, 20 Aug 2021 10:34:52 GMT
date
Fri, 20 Aug 2021 10:34:52 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-AJT0qQN+DueVRT+rCzN8MA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
pagead2.googlesyndication.com/bg/ Frame ABE8
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:12:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13491
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 10:12:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
121 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210812&jk=3396615564706669&bg=!z8ylzIjNAAZvV8FTb1c7ACkAdvg8Wpw1Ra2D9DgHcgyhxFsSBUVjdYZkLaZxJTaBgHLDoPuLvcOrXgIAAABKUgAAAApoAQcKACPn7QFKYJKPCyh0PrHLEh0RM4WTEEjph-zSsU8g4QOUnGdti5kCdxOGmWxjDBC0CwNR56oJG1hLyMUeUuRACtLTdfjHmQ6AiG0e5mDU4HK0eWib5Te9D1MWrJYOpKSse_B08kWgYJLRMJmA21o1zh0GMfk7JOKACoIg2QQ70Wmdlnl63my5d9iZxXPmGJKuhwSXUriRrdOrkrNJTRRfY0oY_YjGdG836k4tUQ6bY5pH1w1ek4jdz6KELzWJFl7kSzkRC9wz8byvptc04e73rj5Zk85XawdAUUDGLgeMxIqyKMKvErWXI44P6hE3Mm_MlnYHpE58m_U4Kfj80X5IbPHYJcLDXtc0Xz4v8HezanUFWvUL-Tiz2-u4RYcqWWBeAqRXlW8FRRuGhzjWwmHcRvsbV4evXxZDu-OQbC0IFZC4qTqsuFvovMeEM5lHI3gmHVHenYLdhXPBmtRUSa8hnlK5BCHVjugWcfPlg9kIakRtBVX4fBXIfacewc49lXymAlHFmO2yCWCPNOTqPO6C96EpqcadOeehzAA3uAZUYwlTwvQtqHQoOPC0CFUgGMtWxDJTQXaVD2hs-oKY0VoHaSTo09bPbKXke9rh3H8vCobNl_g1toAdBhwmPHguQTCrLLVdns5WnrF7_vqTCUo64qz_JbijC36C-IBvq5TgVusIf2HSv-IuO_SQ893BUTciWbbeFCmtyEPg3r0DFF0c8ZFJaJ9adxylfwFh1x59C40LY7XhviVmEEySfu3tcnHLWb77RIB8roTsoE0Hb-mnTc0c21njI0J1UTI670wxfuGtcZXNOGjX8Xq8z77BJdfHrPGqiVhBqSWJpbCj1CDQjRPdCbAJibDF6r6uR09OJWroKuUIpjsJAJ1qXCN1R2k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://money-mint8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 10:34:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0EBA
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-4WiRyrotlYowh33PtVRokV5aXlrQfvL6Rds35MCieNg8D_XD68HfqfhL0QFGw6qXlTDxGmfL2w89PiIp5V_kPNr3Tec7iuuO506kOZ_gjP1svkn8pZTWlCjQTA&sai=AMfl-YR5FwTISN3Ba3KSj9kjfZU4yCLCai9MwaPKaJBIrBzEmiA11OpMoJLD0lV29Jl1YQjp5SAe7pyeioZ2&sig=Cg0ArKJSzGHjW61MnAxdEAE&id=lidar2&mcvt=1000&p=680,1072,960,1408&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210818&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=231095531&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629455691302&dlt=718&rpt=64&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 10:34:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| gaDevIds function| $ function| jQuery object| Ts_ade3df9f91f0e0475415ac1cc92d1d58 object| Ts object| wpp_params object| WordPressPopularPosts object| adsbygoogle object| cocoon_localize_script_options object| jQuery112404810151936234317 object| tocplus function| disableSelection function| wpccpDisableCtrlActions function| wpccpDisableKeys function| wpccpDisablePrintScreen undefined| selector undefined| element undefined| con object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_persistent_state_async string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| googletag object| GoogleGcLKhOms object| google_image_requests

4 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doubleclick.net/ Name: IDE
Value: AHWqTUk97RpUmjpiup2MEnWEpHeoRE-GQ7F3Digc7rZuCFPzuVioCOlusr_wUTZr5ks
.money-mint8.com/ Name: __gads
Value: ID=79900967e65db1bf-22b7dce5b0c900d7:T=1629455691:RT=1629455691:S=ALNI_MaEtYTrVjD1ZP8wfYilExO2I18KtA

1 Console Messages

Source Level URL
Text
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
googleads.g.doubleclick.net
money-mint8.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
secure.gravatar.com
tpc.googlesyndication.com
webfonts.sakura.ne.jp
www.google-analytics.com
www.google.com
www.googletagservices.com
www.money-mint8.com
142.250.181.226
2606:4700::6810:135e
2a00:1450:4001:801::2002
2a00:1450:4001:801::200a
2a00:1450:4001:809::2004
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2006
2a04:4e42:3::485
2a04:fa87:fffe::c000:4902
49.212.180.199
59.106.25.13
0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0b10e252974acdc4cf5299e0b0add9b6b023014781382453616339175a07c986
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
275474994c71c0ba3c291506f91311835a68bf8a76aaa8c8c4c0f2efc0f35a96
286d3b862c6f794c0e5d11fc0468a8c8a1d7f45f7cd6d211e4273c472cb3a919
2a3a9b471470d4a2f7ef9d00a796b124f15af53df95e7c693814bdfc40995e6e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
2ed5b0d9ae5959fa90a26a92a923de7cd8e792c64838d4ccea6e853bd792ab6e
3c848decf5e413951239c331286a43897db3faf749b6d54961141ec0e0144baf
42b1291f205e30914c1ad28643764cce277a03c4f06d2b828058697c56dcf58f
4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f
472af782e0e4309583789263a1f51e00ba8504274ebc1797c62049648557c574
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
499894c6fe72135a0944b9e732f3ebb3734534af89c8953934de2715647ddb5f
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50a6260a4cb12df47112cc60941d2936ec212954734c70f0fa1ba6fc30864111
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
5ef37f82fe8e1569d97ed564c521e02053b5ab0fae41d26b7d4a5e410ffe6266
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
62fd31a661e9a9e0b8ecd35638593814d05821bc32fe2bbfc378864d26f6108a
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66c47e95e2ac18d9e71b1eeb1664d31499133817fa93ea09cde1c228eb13a137
6f14101998fff51d94efe7f1946d812be542fc3f97b7306ddc116eaeca8fcf7f
70f696fe7667c2b7767e6c369e150a558783860c855316a3e20a85b208bde7bb
747b1267a565fe7bb5846ded293c55cd535b012a62920d6e37eaf9d97b478081
7bbc94f6e8b8f2024e2dbe47ea8b075759f76aa2f04df847dfa22657bfbb325f
7fc9ed966f8e59e2590a64432de0caaf3a9ae43e42ae12234674731937c9118a
8b76202dac2e70f3275295d412ee8956f8cb7a145f212e96be22f1eb17b29f98
97d04091146dbf2837cd339ad64b845cdfb1436fdb88861e2143d49b209fd97e
9a7330fd435eb85d95353f8ff6ce7bcf64fd1156976d819973439c93e27e3875
9e4d2acb71c88280f3a0361c6812263489541b965826ddf8e2428280e77b6ab4
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1c2699161386c105ea31e6532245bd1a89fd914b52c4e5b925f1ec2964ffb98
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6be01fe8df01d1848ffe869bd110419db7799a19109341ccbaef1359a797c08
a8c1883b9e9af2d6d6f791d51ef4ba5eebb7e06afbb6ab42ac6067e81373460a
aa8b2a449f4bd08d60d370bc75b02f2720022e93842a7118f74cec199975a195
b0bb9969a7c75f2d24e8c08cacb1856ecc281c6759da8ab8c60b43605b8c3b5b
b5b3b78060934b27d88d694a3f65e5847097f62d5ffc862ae98e5ce482f74da7
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
ba5b3faf25044348c404c8bf6c73bb08a9fbd24b28ffcc46e235050a6a6492d6
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bf22c770b8efd337825b8c95b64243ff1ee5037015dfd8d85f7fe2248df54c26
bfdc54b5ea3d8dd9457e30f574b7dfa37b4d0497aee7fa4e09da7ae2540ae8e5
c500ded683ea548030aea3e0e890cb03b6b41012fa9abf994b81812f844342d4
cae69e643674ce071a2b636b10b21583a97e9fc958a8f5a21c14d3aff49790b4
cf216a3d62ebc4df15d9c1a3ce059abb5d84a30daf61d52976ce256c82dc7d38
cfcc038eafff1dd7ea8508b07b03b46f1c0cc60fb0d3eb624bc1126b2a613e20
d04b1faa2da8b85f4f650a0ed3645bb5aee8b8faa5ce054de1115b315059ad68
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d9cec9ae54e0b5e0aea4ab7dd37c6ea8c426232963eab9566d9aff24556b7ad4
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
e08f64e5c56e8de6a33a9b7654c38fdf9465db358d3d1174b32d652bbfdd4d30
e1c5b41cc4dec857ca9c9166336dff0dec8f8ba6046aa71927370897143d2784
e2fa69feab176160c642026437a980e8d82132c225290fcfb0c50a333dd31552
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e65dbbe5b03da4fc6a7a8096ed9ab485143c840d795fd2d6ac6e62f46f2cbdbe
ee67d51538763a7388ec351771eb0f52861c1cd828470e7ecf29e217a1d6a7ad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f26d98c3973c7df12d78bbb4164589b59dc42d4797b58471b358364c1005b2d3
f3552215efd8efc3354791f2ba0dadb6c449a2009723ec21f832f12b615b80a3
f3b7d63d1059022ef784acecd8e1e9f6f50c2faae6e8bfcb98f36a4594581c2e
f6eb52d6fb472c262b086cbd52ed11b4c39eb200021b3b66597cfd2dd7f6b202
fac02a96e87d9afaa0ccb933490c281386d6f3b3971e419c747fd6e1f5875e1f