shrugmoney.com Open in urlscan Pro
50.87.224.231 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://shrugmoney.com/
Submission: On October 28 via automatic, source certstream-suspicious (October 28th 2022, 6:18:04 am UTC) — Scanned from DE

Summary HTTP 122 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 20 domains to perform 122 HTTP transactions. The main IP is 50.87.224.231, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is shrugmoney.com.
TLS certificate: Issued by R3 on August 1st 2022. Valid for: 3 months.

This is the only time shrugmoney.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	50.87.224.231 50.87.224.231	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
5	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
14	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
4 4	88.221.168.166 88.221.168.166	16625 (AKAMAI-AS) (AKAMAI-AS)
11	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:7916:ade7:6c23:40ce	16509 (AMAZON-02) (AMAZON-02)
122	21

17 50.87.224.231 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: wp29.bluehost.com

shrugmoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.221.168.166 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-166.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:7916:ade7:6c23:40ce (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	482 KB
24	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 cm.g.doubleclick.net — Cisco Umbrella Rank: 209	160 KB
17	shrugmoney.com shrugmoney.com	165 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	167 KB
7	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	1 KB
7	wp.com stats.wp.com — Cisco Umbrella Rank: 2597 i0.wp.com — Cisco Umbrella Rank: 2821 pixel.wp.com — Cisco Umbrella Rank: 2393	22 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	5 KB
4	addthis.com 4 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1435	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 189	188 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419	2 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 663	2 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 339	917 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1372	414 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 640	796 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 9234	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1519	297 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 863	700 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	43 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
122	20

	Domain	Requested by
23	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
17	shrugmoney.com	shrugmoney.com
15	pagead2.googlesyndication.com	shrugmoney.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com shrugmoney.com googleads.g.doubleclick.net
11	cm.g.doubleclick.net	shrugmoney.com googleads.g.doubleclick.net
6	fonts.googleapis.com	shrugmoney.com googleads.g.doubleclick.net
5	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	i0.wp.com	shrugmoney.com
5	fonts.gstatic.com	fonts.googleapis.com
4	e.dlx.addthis.com	4 redirects
4	www.googletagservices.com	googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
3	ssum-sec.casalemedia.com	3 redirects
3	image6.pubmatic.com	3 redirects
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pixel.wp.com	shrugmoney.com
1	stats.wp.com	shrugmoney.com
1	www.googletagmanager.com	shrugmoney.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
122	26

This site contains no links.

Subject Issuer	Validity	Valid
www.shrugmoney.com R3	`2022-08-01` - `2022-10-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://shrugmoney.com/
Frame ID: 9F8ECD141042AA67B9C3BE4C9F1F061C
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/zrt_lookup.html
Frame ID: 6260EA83B5E320EA6E6BB8D2E849B21D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&adk=1812271804&adf=3025194257&lmt=1666937877&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fshrugmoney.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937877637&bpp=8&bdt=2128&idt=241&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2211241532322&frm=20&pv=2&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=259
Frame ID: 5C981AEAF226D505F22807289FA4BAC5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2879033549&pi=t.aa~a.4212097785~rp.4&w=1140&lmt=1666937878&nsk=4653f153&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0&nras=2&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GTJysDwJp0&p=https%3A//shrugmoney.com&dtd=13
Frame ID: BBE2FD42A9C4DC3142254D22A37C3A78
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2727906601&pi=t.aa~a.3425766090~rp.4&w=1140&lmt=1666937878&nsk=9ef5c6d1&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=1&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0%2C1140x209&nras=3&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=XSYR63LpLz&p=https%3A//shrugmoney.com&dtd=16
Frame ID: 1F680CE3C73D0020B99F975BA3D8A4F8
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1
Frame ID: CBA0C9AB41F674E6A67F6EF9E29E67FC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3566B2F8C4DCD54C332E71864D41700A
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 5C439BFDEF5FABB37D458C5A82AF6B4D
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
Frame ID: 79724B89DEB3D885AC45775F65D1443F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
Frame ID: 898594AF9997D769D7B053B8C7386A3E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 206F52DDE671129B83535FD22CD46F59
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5FB282098A0BB566A56B58733205E5DA
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2606A2FED1965BA49BF9CC15B073375D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 60907ADFBC9E43050EE7B404A24D2750
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
Frame ID: E5F5E206F929BB4387CEB01A3884FD40
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
Frame ID: F3A579B31DEEBF3E0F06D9BEC137027A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AF4CEE14521F81A5EAD72271BD559C48
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7476C7C977644761985D1768D0FF62C9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

$HRUG MONEY -

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

122
Requests

91 %
HTTPS

63 %
IPv6

20
Domains

26
Subdomains

21
IPs

4
Countries

1256 kB
Transfer

3271 kB
Size

25
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg__9jPacaFKVRXIT3E29U1VhbOW8JcQFS7GrkBbqUF6CcQ_t4hvlFZ7Zj75qiizkWDQOwvxgRH-Im91-VLZU6QoOyeufkw&google_gid=CAESEJ4yWhEnt6G_kTTWkPPStho&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg__9jPacaFKVRXIT3E29U1VhbOW8JcQFS7GrkBbqUF6CcQ_t4hvlFZ7Zj75qiizkWDQOwvxgRH-Im91-VLZU6QoOyeufkw&google_gid=CAESEJ4yWhEnt6G_kTTWkPPStho&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjgwNjE4MDAwMDAxODE5MzIwMDc0NA%3D%3D&google_push=AZmPxg__9jPacaFKVRXIT3E29U1VhbOW8JcQFS7GrkBbqUF6CcQ_t4hvlFZ7Zj75qiizkWDQOwvxgRH-Im91-VLZU6QoOyeufkw

Request Chain 92

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELk4NLP2rPmBa3oEt6OFgvU&google_cver=1&google_push=AZmPxg9dH0sxsxZzaGkBV7Co3viNSEjNM_5Wd1l9_u7m0qmtjdUXwX812-r0c8gr8_TWG5sZt7L9mIo_gR6G2Yr5SjfbvClMxnM HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELk4NLP2rPmBa3oEt6OFgvU&google_cver=1&google_push=AZmPxg9dH0sxsxZzaGkBV7Co3viNSEjNM_5Wd1l9_u7m0qmtjdUXwX812-r0c8gr8_TWG5sZt7L9mIo_gR6G2Yr5SjfbvClMxnM&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=F0tmF9mrRROPbyP3BG072w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9dH0sxsxZzaGkBV7Co3viNSEjNM_5Wd1l9_u7m0qmtjdUXwX812-r0c8gr8_TWG5sZt7L9mIo_gR6G2Yr5SjfbvClMxnM

Request Chain 93

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKSL5dab7S32MsyjeZg9Ceg&google_cver=1&google_push=AZmPxg8j7nxViRwlaA-qJsbwi5jhVzdbZfFuc4B0pDiMNvjL4RjGX3z1-Fg4tWRT_BnJBpwlcfLA4SOEXqS4CtczGwYF9oQW7hDM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTM1JWVVEtSy1HMjda&google_push=AZmPxg8j7nxViRwlaA-qJsbwi5jhVzdbZfFuc4B0pDiMNvjL4RjGX3z1-Fg4tWRT_BnJBpwlcfLA4SOEXqS4CtczGwYF9oQW7hDM

Request Chain 94

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIQZKDC7MbEClIfi_AXllYg&google_cver=1&google_push=AZmPxg--J0kdJ69NbCZeYj0YufIYw79-uqqx-d6kCshqptz5jVci9rsSgFW6la3l4euTcdcfcTpPedfcq7XLcPJosHWTslsyfzQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIQZKDC7MbEClIfi_AXllYg&google_push=AZmPxg--J0kdJ69NbCZeYj0YufIYw79-uqqx-d6kCshqptz5jVci9rsSgFW6la3l4euTcdcfcTpPedfcq7XLcPJosHWTslsyfzQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIQZKDC7MbEClIfi_AXllYg&google_hm=Y1t0FzYTkA9Eq-BFHTDo9wAAFB0AAAIB&google_nid=index&google_push=AZmPxg--J0kdJ69NbCZeYj0YufIYw79-uqqx-d6kCshqptz5jVci9rsSgFW6la3l4euTcdcfcTpPedfcq7XLcPJosHWTslsyfzQ

Request Chain 97

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 106

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENgFUrlvAwSdsoQGGKJwi2U&google_cver=1&google_push=AZmPxg8u8DJx6HyooHVQy-1UGZ9UrcDm96H5CxSSf6NRu7O7BU1DsgoTOmbxLaUKiw9hP_pfuBSQJyPOPo0OCl3MLKZV966M4ihL HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8u8DJx6HyooHVQy-1UGZ9UrcDm96H5CxSSf6NRu7O7BU1DsgoTOmbxLaUKiw9hP_pfuBSQJyPOPo0OCl3MLKZV966M4ihL&google_hm=zUHSHfDy9kgN2QSdPK5B9A

Request Chain 107

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_YVO7GSeawMF2qldeo1E19gA1VYLfXin3eMprCH9xrh6ksXE-7Zv6Dn3QbxVseDicet4MbWwdVo8gyJo6vanWrNPI8Rlc6&google_gid=CAESEEJGKacMKkEaouaRHIL8dFU&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_YVO7GSeawMF2qldeo1E19gA1VYLfXin3eMprCH9xrh6ksXE-7Zv6Dn3QbxVseDicet4MbWwdVo8gyJo6vanWrNPI8Rlc6&google_gid=CAESEEJGKacMKkEaouaRHIL8dFU&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjgwNjE4MDAwMDAxODE5MzIwMDc0NA%3D%3D&google_push=AZmPxg_YVO7GSeawMF2qldeo1E19gA1VYLfXin3eMprCH9xrh6ksXE-7Zv6Dn3QbxVseDicet4MbWwdVo8gyJo6vanWrNPI8Rlc6

Request Chain 109

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGxhjNVmbHlYJ0nrYwet_Cc&google_cver=1&google_push=AZmPxg8q114CFpOqzKLGJfZ4dr6S-ybI6xzT_eCtz1oP-Kp6gVdwt40GZTcqw9nqziVpeB9uWAWQt-PNqFCAHcORs52LmVMIzRHg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=50rFUnShQaOzXSk_kiDkBg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8q114CFpOqzKLGJfZ4dr6S-ybI6xzT_eCtz1oP-Kp6gVdwt40GZTcqw9nqziVpeB9uWAWQt-PNqFCAHcORs52LmVMIzRHg

Request Chain 110

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH6T-GcPLgmAkSMuoQtbqqc&google_cver=1&google_push=AZmPxg9vXQUtkGDXvieGXfa8nFyj1XWicIAXvtl97egx0Itf38eeSwSYegpinpGpv4cJ8PaBz4VHjO4t3bszKl8_m-Wgc2u2DhY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTM1JWV0YtMTItQUZaOQ==&google_push=AZmPxg9vXQUtkGDXvieGXfa8nFyj1XWicIAXvtl97egx0Itf38eeSwSYegpinpGpv4cJ8PaBz4VHjO4t3bszKl8_m-Wgc2u2DhY

Request Chain 111

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDIzdhAPuymrIzMdDbJD3NU&google_cver=1&google_push=AZmPxg8OUZcHokkA7EkiXpd34DPMXqeZMSbzRmYsh4TWQe8GMD3t6Ck1hFDS5TWyagzweczwdjN4E5LIB0ETNnjQ2gVMG9W9ClIK HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDIzdhAPuymrIzMdDbJD3NU&google_hm=Y1t0FzYTkA9Eq-BFHTDo9wAAFB0AAAIB&google_nid=index&google_push=AZmPxg8OUZcHokkA7EkiXpd34DPMXqeZMSbzRmYsh4TWQe8GMD3t6Ck1hFDS5TWyagzweczwdjN4E5LIB0ETNnjQ2gVMG9W9ClIK

Request Chain 115

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

122 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
shrugmoney.com/ 41 KB
13 KB 1127ms
774ms Document
text/html 50.87.224.231
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://shrugmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.224.231 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: wp29.bluehost.com
Software: Apache /
Resource Hash: ef8cae5818513fb2cb670516c6c3c7eb7ec9efb4c943676707a720d91cc8bedb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 12774
content-type: text/html; charset=UTF-8
date: Fri, 28 Oct 2022 06:17:54 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
link: <https://shrugmoney.com/wp-json/>; rel="https://api.w.org/"
server: Apache
vary: Accept-Encoding
x-server-cache: false

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 141ms
50ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-56740281-4

Requested by

Host: shrugmoney.com
URL: https://shrugmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1709601f3be4a07e0435448c1ac2c1b606d040a068c7494454450b1427cbab29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43598
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Oct 2022 06:17:55 GMT

GET
H2 200 style.css
shrugmoney.com/wp-content/themes/magazine-pro/ 40 KB
11 KB 704ms
697ms Stylesheet
text/css 50.87.224.231
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://shrugmoney.com/wp-content/themes/magazine-pro/style.css?ver=3.1
Requested by: Host: shrugmoney.com
URL: https://shrugmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.224.231 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: wp29.bluehost.com
Software: Apache /
Resource Hash: 63510689b7b72fd3624e864c9891d8d3730a4cb209408a6789d47757123a35b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:55 GMT
content-encoding: gzip
last-modified: Tue, 28 Aug 2018 00:04:23 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: d3AuYmx1ZWhvc3QuY29t
content-length: 11235

GET
H2 200 style.min.css
shrugmoney.com/wp-includes/css/dist/block-library/ 87 KB
16 KB 872ms
866ms Stylesheet
text/css 50.87.224.231
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://shrugmoney.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
Requested by: Host: shrugmoney.com
URL: https://shrugmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.224.231 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: wp29.bluehost.com
Software: Apache /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:55 GMT
content-encoding: gzip
last-modified: Wed, 13 Jul 2022 04:03:00 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: d3AuYmx1ZWhvc3QuY29t
content-length: 16594

GET
H2 200 mediaelementplayer-legacy.min.css
shrugmoney.com/wp-includes/js/mediaelement/ 11 KB
3 KB 871ms
865ms Stylesheet
text/css 50.87.224.231
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://shrugmoney.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by: Host: shrugmoney.com
URL: https://shrugmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.224.231 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: wp29.bluehost.com
Software: Apache /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:55 GMT
content-encoding: gzip
last-modified: Wed, 09 Dec 2020 10:14:45 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: d3AuYmx1ZWhvc3QuY29t
content-length: 3239

GET
H2 200 wp-mediaelement.min.css
shrugmoney.com/wp-includes/js/mediaelement/ 4 KB
1 KB 872ms
866ms Stylesheet
text/css 50.87.224.231
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://shrugmoney.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.3
Requested by: Host: shrugmoney.com
URL: https://shrugmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.224.231 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: wp29.bluehost.com
Software: Apache /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:55 GMT
content-encoding: gzip
last-modified: Tue, 12 Nov 2019 22:16:56 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: d3AuYmx1ZWhvc3QuY29t
content-length: 1298

GET
H2 200 widget-options.css
shrugmoney.com/wp-content/plugins/widget-options/assets/css/ 1 KB
371 B 188ms
182ms Stylesheet
text/css 50.87.224.231
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://shrugmoney.com/wp-content/plugins/widget-options/assets/css/widget-options.css
Requested by: Host: shrugmoney.com
URL: https://shrugmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.224.231 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: wp29.bluehost.com
Software: Apache /
Resource Hash: d4f24797ac4621646a35e5e688a697b8595cdcb186317372d3bc70c490bd6c73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:55 GMT
content-encoding: gzip
last-modified: Sun, 25 Sep 2022 04:26:19 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: d3AuYmx1ZWhvc3QuY29t
content-length: 281

GET
H2 200 dashicons.min.css
shrugmoney.com/wp-includes/css/ 58 KB
35 KB 359ms
354ms Stylesheet
text/css 50.87.224.231
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://shrugmoney.com/wp-includes/css/dashicons.min.css?ver=6.0.3
Requested by: Host: shrugmoney.com
URL: https://shrugmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.224.231 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: wp29.bluehost.com
Software: Apache /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:55 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 00:44:50 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: d3AuYmx1ZWhvc3QuY29t

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 136ms
46ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.1

Requested by

Host: shrugmoney.com
URL: https://shrugmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8a6f024f1d0ba5956e7555b3e9f68f47d4bcf47db6808916d65bc4a3c676274a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 06:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 05:41:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 06:17:55 GMT

GET
H2 200 dpp-custom-styles-79c1880b3eb9b158eb744c8a4d673aed
shrugmoney.com/ 9 KB
1 KB 1553ms
1548ms Stylesheet
text/css 50.87.224.231
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://shrugmoney.com/dpp-custom-styles-79c1880b3eb9b158eb744c8a4d673aed?ver=6.0.3

Requested by

Host: shrugmoney.com
URL: https://shrugmoney.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

50.87.224.231 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

wp29.bluehost.com

Software

Apache /

Resource Hash

472b04ff74ef4e4d01dcce218d2d616f3d6d56a24e4fa7f054e28d05e59acef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 28 Aug 2018 02:54:18 GMT
server: Apache
x-server-cache: false
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
host-header: d3AuYmx1ZWhvc3QuY29t
content-length: 1143

GET
H2 200 jetpack.css
shrugmoney.com/wp-content/plugins/jetpack/css/ 84 KB
23 KB 870ms
865ms Stylesheet
text/css 50.87.224.231
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://shrugmoney.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.4
Requested by: Host: shrugmoney.com
URL: https://shrugmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.224.231 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: wp29.bluehost.com
Software: Apache /
Resource Hash: 7fa4abb686798756bc90d4d6d1e4da75137160ecf2bc7ff6c103263f9842c444

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:55 GMT
content-encoding: gzip
last-modified: Wed, 05 Oct 2022 04:06:25 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: d3AuYmx1ZWhvc3QuY29t

GET
H2 200 frontend-gtag.min.js Show response
shrugmoney.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 12 KB
4 KB 188ms
183ms Script
application/javascript 50.87.224.231
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://shrugmoney.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.9.1
Requested by: Host: shrugmoney.com
URL: https://shrugmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.224.231 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: wp29.bluehost.com
Software: Apache /
Resource Hash: abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:55 GMT
content-encoding: gzip
last-modified: Thu, 20 Oct 2022 20:35:36 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: d3AuYmx1ZWhvc3QuY29t
content-length: 3861

GET
H2 200 jquery.min.js Show response
shrugmoney.com/wp-includes/js/jquery/ 87 KB
38 KB 870ms
866ms Script
application/javascript 50.87.224.231
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://shrugmoney.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: shrugmoney.com
URL: https://shrugmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.224.231 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: wp29.bluehost.com
Software: Apache /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:55 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 04:02:24 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: d3AuYmx1ZWhvc3QuY29t

GET
H2 200 jquery-migrate.min.js Show response
shrugmoney.com/wp-includes/js/jquery/ 11 KB
5 KB 1214ms
1209ms Script
application/javascript 50.87.224.231
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://shrugmoney.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: shrugmoney.com
URL: https://shrugmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.224.231 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: wp29.bluehost.com
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:55 GMT
content-encoding: gzip
last-modified: Wed, 09 Dec 2020 10:14:45 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: d3AuYmx1ZWhvc3QuY29t
content-length: 4618

GET
H2 200 entry-date.js Show response
shrugmoney.com/wp-content/themes/magazine-pro/js/ 354 B
287 B 1213ms
1208ms Script
application/javascript 50.87.224.231
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://shrugmoney.com/wp-content/themes/magazine-pro/js/entry-date.js?ver=1.0.0
Requested by: Host: shrugmoney.com
URL: https://shrugmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.224.231 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: wp29.bluehost.com
Software: Apache /
Resource Hash: b78e65503fafc5550f2013a3c8e6d3a846998d81511e0150a790af60138eca44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:55 GMT
content-encoding: gzip
last-modified: Tue, 28 Aug 2018 00:04:25 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: d3AuYmx1ZWhvc3QuY29t
content-length: 232

GET
H2 200 responsive-menu.js Show response
shrugmoney.com/wp-content/themes/magazine-pro/js/ 867 B
372 B 1213ms
1209ms Script
application/javascript 50.87.224.231
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://shrugmoney.com/wp-content/themes/magazine-pro/js/responsive-menu.js?ver=1.0.0
Requested by: Host: shrugmoney.com
URL: https://shrugmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.224.231 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: wp29.bluehost.com
Software: Apache /
Resource Hash: bf820c2e5608b055b98402b2f885df349d9f9e605ff3fd7a4c03f1c49d5c8264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:55 GMT
content-encoding: gzip
last-modified: Tue, 28 Aug 2018 00:04:25 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: d3AuYmx1ZWhvc3QuY29t
content-length: 339

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
55 KB 158ms
73ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: shrugmoney.com
URL: https://shrugmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62cfa5c6ed7b44cbd2991b305f4e3415f43950720d6b1f5ecd7369c5c1b6990b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55319
x-xss-protection: 0
server: cafe
etag: 897609365824562676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 06:17:57 GMT

GET
H2 200 photon.min.js Show response
shrugmoney.com/wp-content/plugins/jetpack/_inc/build/photon/ 685 B
402 B 1214ms
1210ms Script
application/javascript 50.87.224.231
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://shrugmoney.com/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
Requested by: Host: shrugmoney.com
URL: https://shrugmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.224.231 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: wp29.bluehost.com
Software: Apache /
Resource Hash: 5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:55 GMT
content-encoding: gzip
last-modified: Wed, 05 Oct 2022 04:06:25 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: d3AuYmx1ZWhvc3QuY29t
content-length: 369

GET
H2 200 frontend.min.js Show response
shrugmoney.com/wp-content/plugins/q2w3-fixed-widget/js/ 22 KB
7 KB 1214ms
1210ms Script
application/javascript 50.87.224.231
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://shrugmoney.com/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js?ver=6.2.0
Requested by: Host: shrugmoney.com
URL: https://shrugmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.224.231 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: wp29.bluehost.com
Software: Apache /
Resource Hash: 814bd6513af338f300cb53688888d89b93650059a12adc3240e5c6ffbfd1c55a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:55 GMT
content-encoding: gzip
last-modified: Wed, 05 Oct 2022 16:11:08 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: d3AuYmx1ZWhvc3QuY29t
content-length: 7209

GET
H2 200 e-202243.js Show response
stats.wp.com/ 9 KB
3 KB 118ms
36ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202243.js
Requested by: Host: shrugmoney.com
URL: https://shrugmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

x-nc: HIT hhn
date: Fri, 28 Oct 2022 06:17:57 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 15 Oct 2023 23:38:08 GMT

GET
H2 200 wp-emoji-release.min.js Show response
shrugmoney.com/wp-includes/js/ 18 KB
5 KB 179ms
178ms Script
application/javascript 50.87.224.231
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://shrugmoney.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
Requested by: Host: shrugmoney.com
URL: https://shrugmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.224.231 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: wp29.bluehost.com
Software: Apache /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:57 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 04:03:58 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: d3AuYmx1ZWhvc3QuY29t
content-length: 5321

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 120ms
37ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-56740281-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 05:01:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4559
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 28 Oct 2022 07:01:58 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
46 KB 163ms
78ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shrugmoney.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 08:23:46 GMT
x-content-type-options: nosniff
age: 597251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 08:23:46 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 122ms
37ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shrugmoney.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 20:22:20 GMT
x-content-type-options: nosniff
age: 554137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 20:22:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 131ms
47ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CRaleway%3A400%2C500%2C900&ver=3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shrugmoney.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 579784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:14:53 GMT

GET
H2 200 2018.10.25K.jpg
i0.wp.com/shrugmoney.com/wp-content/uploads/2018/10/ 6 KB
7 KB 1279ms
1193ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/shrugmoney.com/wp-content/uploads/2018/10/2018.10.25K.jpg?resize=150%2C150&ssl=1

Requested by

Host: shrugmoney.com
URL: https://shrugmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

ce7471cc6007961e306287d7d26b03a11971fe332b2c02bde3938fc2fedfff48

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

x-nc: MISS hhn 4
date: Fri, 28 Oct 2022 06:17:58 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 Oct 2022 06:17:58 GMT
server: nginx
etag: "e3ecb645ee57fbc2"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://shrugmoney.com/wp-content/uploads/2018/10/2018.10.25K.jpg>; rel="canonical"
content-length: 6594
expires: Sun, 27 Oct 2024 18:17:58 GMT

GET
H2 200 PG-Feature-001.jpg
i0.wp.com/shrugmoney.com/wp-content/uploads/2018/09/ 6 KB
6 KB 1131ms
1046ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/shrugmoney.com/wp-content/uploads/2018/09/PG-Feature-001.jpg?resize=150%2C150&ssl=1

Requested by

Host: shrugmoney.com
URL: https://shrugmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

da20d46e8728bacb38e18343f34b77453e09e79e2dcd32a61bc4cd0549a738ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

x-nc: MISS hhn 2
date: Fri, 28 Oct 2022 06:17:58 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 Oct 2022 06:17:58 GMT
server: nginx
etag: "d234adea4d672d9f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://shrugmoney.com/wp-content/uploads/2018/09/PG-Feature-001.jpg>; rel="canonical"
content-length: 5776
expires: Sun, 27 Oct 2024 18:17:58 GMT

GET
H2 200 2018.09.05D.jpg
i0.wp.com/shrugmoney.com/wp-content/uploads/2018/09/ 1 KB
1 KB 1131ms
1054ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/shrugmoney.com/wp-content/uploads/2018/09/2018.09.05D.jpg?resize=150%2C150&ssl=1

Requested by

Host: shrugmoney.com
URL: https://shrugmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

5dea31dc58c803bcf97fa387fedff2164f6b1d99adc6443214c223318145b648

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

x-nc: MISS hhn 2
date: Fri, 28 Oct 2022 06:17:58 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 Oct 2022 06:17:58 GMT
server: nginx
etag: "fea6ff1429867e9e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://shrugmoney.com/wp-content/uploads/2018/09/2018.09.05D.jpg>; rel="canonical"
content-length: 1152
expires: Sun, 27 Oct 2024 18:17:58 GMT

GET
H2 200 netflix-cover.jpg
i0.wp.com/shrugmoney.com/wp-content/uploads/2018/09/ 2 KB
2 KB 1144ms
1067ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/shrugmoney.com/wp-content/uploads/2018/09/netflix-cover.jpg?resize=150%2C150&ssl=1

Requested by

Host: shrugmoney.com
URL: https://shrugmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

ee63d285460ae72e8be86c142eb3b7631cd127a74a2e38144d6b0a498f9afdc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

x-nc: MISS hhn 3
date: Fri, 28 Oct 2022 06:17:58 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 Oct 2022 06:17:58 GMT
server: nginx
etag: "4f585119dbc0e993"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://shrugmoney.com/wp-content/uploads/2018/09/netflix-cover.jpg>; rel="canonical"
content-length: 1574
expires: Sun, 27 Oct 2024 18:17:58 GMT

GET
H2 200 Letgo-Feature.jpg
i0.wp.com/shrugmoney.com/wp-content/uploads/2018/09/ 3 KB
3 KB 1285ms
1208ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/shrugmoney.com/wp-content/uploads/2018/09/Letgo-Feature.jpg?resize=150%2C150&ssl=1

Requested by

Host: shrugmoney.com
URL: https://shrugmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

b5e5557b4884f6ca1cece61e3d2d453326937ebb94ea207804126fbeda728fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

x-nc: MISS hhn 1
date: Fri, 28 Oct 2022 06:17:58 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 Oct 2022 06:17:58 GMT
server: nginx
etag: "1823564f571c271e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://shrugmoney.com/wp-content/uploads/2018/09/Letgo-Feature.jpg>; rel="canonical"
content-length: 3110
expires: Sun, 27 Oct 2024 18:17:58 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 44ms
36ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A11.4&blog=209500490&post=0&tz=-4&srv=shrugmoney.com&host=shrugmoney.com&ref=&fcp=3057&rand=0.12601868830099816
Requested by: Host: shrugmoney.com
URL: https://shrugmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 28 Oct 2022 06:17:57 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 44ms
43ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1775394597&t=pageview&_s=1&dl=https%3A%2F%2Fshrugmoney.com%2F&ul=en-us&de=UTF-8&dt=%24HRUG%20MONEY%20-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=655977922&gjid=1533833259&cid=1438746933.1666937878&tid=UA-56740281-4&_gid=788896842.1666937878&_r=1&gtm=2ouaq0&did=dZGIzZG&gdid=dZGIzZG&z=98731610

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shrugmoney.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 06:17:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shrugmoney.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/ 353 KB
116 KB 147ms
71ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8267104888736834&plah=shrugmoney.com&bust=31070540

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc4b5698acdba338a3eb73845c70c8268d9daaf678eed6d1c816aa547c3829e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118887
x-xss-protection: 0
server: cafe
etag: 1590170636948128295
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 06:17:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/ Frame 6260 10 KB
5 KB 120ms
37ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shrugmoney.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41972
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 18:38:25 GMT
etag: 9671129459699598864
expires: Thu, 10 Nov 2022 18:38:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
700 B 129ms
45ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=shrugmoney.com&callback=_gfp_s_&client=ca-pub-8267104888736834&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8267104888736834&plah=shrugmoney.com&bust=31070540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b14a477dab97979edb6226e47704f76c39a8532867e32a787a498120bb611669

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 133ms
46ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=shrugmoney.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 131ms
45ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=shrugmoney.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5C98 285 KB
68 KB 879ms
802ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&adk=1812271804&adf=3025194257&lmt=1666937877&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fshrugmoney.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937877637&bpp=8&bdt=2128&idt=241&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2211241532322&frm=20&pv=2&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=259

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c822ba0da36fa8bd5f6cef9508d89ab2eeb5e8e7292e596b6b1949f5c0456431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shrugmoney.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 69642
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 06:17:58 GMT
expires: Fri, 28 Oct 2022 06:17:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/ 151 KB
51 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/reactive_library_fy2021.js?bust=31070540

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ce15ebe2e4406180f88352cf91e52910987dde2aebc9b0e96d40ce8e819cb8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52396
x-xss-protection: 0
server: cafe
etag: 15530202258972419609
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 06:17:58 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 70ms
70ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_inf_scr&r=p&pg_h=2090&su=shrugmoney.com&d=5000&pvc=823969331910829&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017

Requested by

Host: shrugmoney.com
URL: https://shrugmoney.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 06:17:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 125ms
46ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=shrugmoney.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 126ms
47ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=shrugmoney.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BBE2 86 KB
33 KB 556ms
555ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2879033549&pi=t.aa~a.4212097785~rp.4&w=1140&lmt=1666937878&nsk=4653f153&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0&nras=2&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GTJysDwJp0&p=https%3A//shrugmoney.com&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29c523d5c54e353d20a8966f4bb2fec86184c842b5bd9b525d6a5efadf798af8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shrugmoney.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33762
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 06:17:59 GMT
expires: Fri, 28 Oct 2022 06:17:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1F68 114 KB
43 KB 700ms
699ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2727906601&pi=t.aa~a.3425766090~rp.4&w=1140&lmt=1666937878&nsk=9ef5c6d1&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=1&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0%2C1140x209&nras=3&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=XSYR63LpLz&p=https%3A//shrugmoney.com&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cd46c571d015cc36a8b6476b2b03790b7c220f6310ed36bf27b902f119db15a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shrugmoney.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 44151
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 06:17:59 GMT
expires: Fri, 28 Oct 2022 06:17:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/ Frame CBA0 10 KB
4 KB 37ms
37ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shrugmoney.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 19:06:58 GMT
etag: 9671129459699598864
expires: Thu, 10 Nov 2022 19:06:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/ Frame 3566 10 KB
4 KB 38ms
37ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shrugmoney.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 19:06:58 GMT
etag: 9671129459699598864
expires: Thu, 10 Nov 2022 19:06:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame CBA0 4 KB
636 B 127ms
49ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 06:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 05:35:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 06:17:59 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CBA0 205 B
519 B 134ms
48ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 23:17:41 GMT
x-content-type-options: nosniff
age: 25218
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 27 Oct 2023 23:17:41 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CBA0 604 B
695 B 135ms
49ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:29:08 GMT
x-content-type-options: nosniff
age: 17331
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 28 Oct 2023 01:29:08 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/ Frame CBA0 19 KB
8 KB 123ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e70f196596d57a6f3570a0983040f63d9ed88bb9da8849a302ad19fea617dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8012
x-xss-protection: 0
server: cafe
etag: 16149103330692230356
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:31:44 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3566 8 KB
895 B 114ms
49ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 06:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 05:16:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 06:17:59 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 3566 2 KB
847 B 150ms
78ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:28:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:28:01 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3566 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwkYIFnRbY_U9iaL27w-10LLIAcOLkbxsq_jy2aYQoJaA7JACEAEgq9fxKGCV2oiCmAegAfi8pJEByAEJqQJZxXcs17iwPqgDAcgDywSqBOEBT9D2f4AM7FBVuBRmwxBk6ZRN4pJZEAVsh_A5Rf8SCYMuvuOv44sHaXMoM6Es1yWV8T_ERhy0Fo5hRdEoF83SWNWpea37PC2e5u-amMmsA9tt8-FXBshjsGw1mTY2jD6rCHagLb_QF1FUuQUPiyehUbU2X5QcUZzpndmk6rUqFTQ3HwbA-7m6gn_3MH_ynD7PKEXbRq91bHaDNHB60X4BYk5YU6VndS-MffTa1snb_yvFJmo7SUCKVR6rtj_vKaWgBfbeaSFDKj6Iwys7xb1B2XN58VcLAp760RXt7UGbesJcwATtzaOm3wOSBQQIBBgBkgUECAUYBKAGLoAH8MLb7gKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC2vWLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi04MjY3MTA0ODg4NzM2ODM0GAA&sigh=kd_S9nvcJGw&uach_m=[UACH]&template_id=5000

Requested by

Host: shrugmoney.com
URL: https://shrugmoney.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 06:17:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Oct 2022 06:17:59 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 3566 23 KB
9 KB 112ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52052
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 15:50:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 3566 3 KB
1 KB 149ms
79ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52052
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 15:50:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 3566 17 KB
7 KB 119ms
49ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:22:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3566 153 KB
48 KB 139ms
56ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 06:17:59 GMT

GET
H2 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 3566 33 KB
14 KB 107ms
38ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 06:50:44 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12916795230030988576/ Frame 3566 11 KB
12 KB 147ms
80ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12916795230030988576/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af51e7dbb76a5fcd6942672b4bf234f225dc17d6d0b04c14377939f1017990f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 22:15:23 GMT
x-content-type-options: nosniff
age: 288156
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11594
x-xss-protection: 0
last-modified: Sat, 25 Dec 2021 18:11:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Oct 2023 22:15:23 GMT

GET
DATA 200
OK truncated
/ Frame 3566 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3566 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame 5C43 8 KB
895 B 47ms
47ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 06:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 05:34:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 06:17:59 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 5C43 2 KB
765 B 128ms
48ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:28:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:28:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 5C43 23 KB
9 KB 116ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52052
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 15:50:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 5C43 3 KB
1 KB 128ms
51ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52052
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 15:50:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 5C43 17 KB
7 KB 112ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:22:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C43 153 KB
47 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 06:17:59 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 5C43 33 KB
14 KB 113ms
37ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 06:50:44 GMT

GET
DATA 200
OK truncated
/ Frame 3566 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ec0e5a4f864d3b09d07270df4448e6afaa8edc9d8e72608685b7ec3f254b197

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame 7972 36 KB
16 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: shrugmoney.com
URL: https://shrugmoney.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 18:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 18:00:05 GMT

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame 8985 36 KB
16 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: shrugmoney.com
URL: https://shrugmoney.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 18:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 18:00:05 GMT

GET
H3 200 1327402355506377188
tpc.googlesyndication.com/daca_images/simgad/ Frame BBE2 27 KB
27 KB 39ms
38ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/1327402355506377188

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2879033549&pi=t.aa~a.4212097785~rp.4&w=1140&lmt=1666937878&nsk=4653f153&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0&nras=2&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GTJysDwJp0&p=https%3A//shrugmoney.com&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa47973e24824eb600509a09992d472ba3b728ad347d0d41b911762bb8e565ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 23:42:11 GMT
x-content-type-options: nosniff
age: 282948
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27446
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 16:21:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Oct 2023 23:42:11 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame BBE2 23 KB
9 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52052
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 15:50:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame BBE2 3 KB
1 KB 60ms
55ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52052
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 15:50:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame BBE2 17 KB
7 KB 44ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:22:20 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BBE2 0
0 134ms
45ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQc1dyQeotOhUVC2mP8jvG-rhRCl9XH5yoyCJNHWQM9pMzhsHbuEcXAr-tpanA79DcXWFSbgsGIYCSaOeQJwy46-KU7AA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2879033549&pi=t.aa~a.4212097785~rp.4&w=1140&lmt=1666937878&nsk=4653f153&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0&nras=2&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GTJysDwJp0&p=https%3A//shrugmoney.com&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BBE2 153 KB
47 KB 130ms
48ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 06:17:59 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame BBE2 33 KB
13 KB 61ms
58ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17c4785eb6887b954551df9ffb7c8fd6241a8d7a7a40655bc116ca1fe5c4352f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13448
x-xss-protection: 0
server: cafe
etag: 5057659360189610740
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:22:20 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BBE2 0
0 86ms
82ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CD5EYFnRbY7jdN7rJ1fAPoeiTuAmN5s3IbKSazO-jDtOGh5jIKBABIKvX8ShgldqIgpgHoAGh1fP6AsgBAqkCeOXJSS3BsD6oAwHIA8kEqgTLAU_QP9WTpDXUQJazBxuXMpoEZmG7fK1HTv1-FKB8-SFcm_bsCnaPjSVzYE-J7YUmNf_nFAK5xw2Bq-l0mVKmKZElnFcG6ppQ067LCPwQ6krsqPxvzJ7nIJ_kU7Grb_PieRQ_1X5q1xuj7NJuHQOG4Bf67J4Uuj28M8dk_G1K5FtHcWppYA1NwI1BWySaEKRzTjo4UtEd0P3hYuKyMDb5tMYERKtvZgXfkEp72T_4j6fVOfwdSoJFhhrxFI8QwIqpZKD87Lys-3uPwufuwAS0vIGJ8wOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHx6qMhQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDDjxfSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04MjY3MTA0ODg4NzM2ODM0GAA&sigh=plXb_XFrM18&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2879033549&pi=t.aa~a.4212097785~rp.4&w=1140&lmt=1666937878&nsk=4653f153&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0&nras=2&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GTJysDwJp0&p=https%3A//shrugmoney.com&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 06:17:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 206F 143 B
166 B 41ms
37ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2879033549&pi=t.aa~a.4212097785~rp.4&w=1140&lmt=1666937878&nsk=4653f153&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0&nras=2&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GTJysDwJp0&p=https%3A//shrugmoney.com&dtd=13
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 157
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 06:15:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5FB2 1 KB
643 B 41ms
38ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68047
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 11:23:52 GMT
etag: 48472445140208031
expires: Fri, 28 Oct 2022 11:23:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 1F68 10 KB
804 B 48ms
46ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,400,500|Roboto:300,400,500&lang=de

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2727906601&pi=t.aa~a.3425766090~rp.4&w=1140&lmt=1666937878&nsk=9ef5c6d1&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=1&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0%2C1140x209&nras=3&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=XSYR63LpLz&p=https%3A//shrugmoney.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

04943e405d730554446906372dab5cda026e6edcc20ae64f2ea00490665ac2a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 06:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 06:17:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 06:17:59 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1F68 10 KB
804 B 52ms
50ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,400,500|Roboto:300,400,500&text=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2727906601&pi=t.aa~a.3425766090~rp.4&w=1140&lmt=1666937878&nsk=9ef5c6d1&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=1&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0%2C1140x209&nras=3&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=XSYR63LpLz&p=https%3A//shrugmoney.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

04943e405d730554446906372dab5cda026e6edcc20ae64f2ea00490665ac2a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 06:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 06:17:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 06:17:59 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 1F68 35 KB
14 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2727906601&pi=t.aa~a.3425766090~rp.4&w=1140&lmt=1666937878&nsk=9ef5c6d1&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=1&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0%2C1140x209&nras=3&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=XSYR63LpLz&p=https%3A//shrugmoney.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5645da2fda11aa729057832cf0439ad2899331a14989b6ed5890ad7d9e7e74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42928
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13949
x-xss-protection: 0
server: cafe
etag: 10882980839202096411
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:22:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1F68 153 KB
47 KB 99ms
68ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2727906601&pi=t.aa~a.3425766090~rp.4&w=1140&lmt=1666937878&nsk=9ef5c6d1&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=1&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0%2C1140x209&nras=3&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=XSYR63LpLz&p=https%3A//shrugmoney.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 06:17:59 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 1F68 23 KB
9 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2727906601&pi=t.aa~a.3425766090~rp.4&w=1140&lmt=1666937878&nsk=9ef5c6d1&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=1&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0%2C1140x209&nras=3&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=XSYR63LpLz&p=https%3A//shrugmoney.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52052
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 15:50:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 1F68 3 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2727906601&pi=t.aa~a.3425766090~rp.4&w=1140&lmt=1666937878&nsk=9ef5c6d1&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=1&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0%2C1140x209&nras=3&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=XSYR63LpLz&p=https%3A//shrugmoney.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52052
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 15:50:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 1F68 17 KB
7 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2727906601&pi=t.aa~a.3425766090~rp.4&w=1140&lmt=1666937878&nsk=9ef5c6d1&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=1&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0%2C1140x209&nras=3&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=XSYR63LpLz&p=https%3A//shrugmoney.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:22:20 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1F68 0
0 44ms
44ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ51NRtt42yqocyjgtIPLB8-lEQxjSGmY1ssGvl80mLRAY5lY3Tm8hbXpmvIaBr4GTEUUfwa0D4wRSmhxxBLJTYQOUjVQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2727906601&pi=t.aa~a.3425766090~rp.4&w=1140&lmt=1666937878&nsk=9ef5c6d1&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=1&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0%2C1140x209&nras=3&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=XSYR63LpLz&p=https%3A//shrugmoney.com&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame BBE2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9843e9d246bd5d5e57cc91e426ff1be4dd0f357e2384f5769d0fc335f0d1208

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 5FB2 35 B
464 B 135ms
41ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJwOnmKqqJxZbeGp72-MkNY&google_cver=1&google_push=AZmPxg9CL2EDekMggocbcxnr3XRoX7zOo4adZZw9slBCg1xknU5I8-tf8XTaug98xDiUtFa3UqDyHplstGJuApyCMf3oKir8KTh0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 06:17:59 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5FB2
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg__9jPa...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg__9jPa...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjgwNjE4MDAwMDAxODE5MzIwMDc0NA%3D%3D&google_push=AZmPxg__9jPacaFKVRXIT3E29U1VhbOW8JcQFS7GrkBbqUF6CcQ_t4hvlFZ7Zj75qiizkW...

170 B
188 B

223ms
222ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjgwNjE4MDAwMDAxODE5MzIwMDc0NA%3D%3D&google_push=AZmPxg__9jPacaFKVRXIT3E29U1VhbOW8JcQFS7GrkBbqUF6CcQ_t4hvlFZ7Zj75qiizkWDQOwvxgRH-Im91-VLZU6QoOyeufkw

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 06:18:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjgwNjE4MDAwMDAxODE5MzIwMDc0NA%3D%3D&google_push=AZmPxg__9jPacaFKVRXIT3E29U1VhbOW8JcQFS7GrkBbqUF6CcQ_t4hvlFZ7Zj75qiizkWDQOwvxgRH-Im91-VLZU6QoOyeufkw
pragma: no-cache
date: Fri, 28 Oct 2022 06:18:00 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Fri, 28 Oct 2022 06:18:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 5FB2 43 B
350 B 156ms
48ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEMiBV1rbPif0MwzTF1pfQFA&google_cver=1&google_push=AZmPxg9CJ8lSE4AN4B4uCjb2MCwJEYG5moGYsGkHtie09OOPKQ2V1rkHJaFzILeLiuU02Fhl3O3AhorzNMh0ITALYtwjiAGVC3w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2879033549&pi=t.aa~a.4212097785~rp.4&w=1140&lmt=1666937878&nsk=4653f153&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0&nras=2&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GTJysDwJp0&p=https%3A//shrugmoney.com&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 06:17:59 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: b60o46p42u01acsq7ul19ucdba7144ir

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5FB2
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=F0tmF9mrRROPbyP3BG072w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

48ms
47ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=F0tmF9mrRROPbyP3BG072w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9dH0sxsxZzaGkBV7Co3viNSEjNM_5Wd1l9_u7m0qmtjdUXwX812-r0c8gr8_TWG5sZt7L9mIo_gR6G2Yr5SjfbvClMxnM

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 06:17:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=F0tmF9mrRROPbyP3BG072w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9dH0sxsxZzaGkBV7Co3viNSEjNM_5Wd1l9_u7m0qmtjdUXwX812-r0c8gr8_TWG5sZt7L9mIo_gR6G2Yr5SjfbvClMxnM
date: Fri, 28 Oct 2022 06:17:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5FB2
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKSL5dab7S32MsyjeZg9Ceg&google_cver=1&google_push=AZmPxg8j7nxViRwlaA-qJsbwi5jhVzdbZfFuc4B0pDiMNvjL4RjGX3z1-Fg4tWRT_BnJBpwlcfL...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTM1JWVVEtSy1HMjda&google_push=AZmPxg8j7nxViRwlaA-qJsbwi5jhVzdbZfFuc4B0pDiMNvjL4RjGX3z1-Fg4tWRT_BnJBpwlcfLA4SOEXqS4CtczGwYF9oQW7hDM

170 B
188 B

130ms
50ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTM1JWVVEtSy1HMjda&google_push=AZmPxg8j7nxViRwlaA-qJsbwi5jhVzdbZfFuc4B0pDiMNvjL4RjGX3z1-Fg4tWRT_BnJBpwlcfLA4SOEXqS4CtczGwYF9oQW7hDM

Requested by

Host: shrugmoney.com
URL: https://shrugmoney.com/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 06:17:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTM1JWVVEtSy1HMjda&google_push=AZmPxg8j7nxViRwlaA-qJsbwi5jhVzdbZfFuc4B0pDiMNvjL4RjGX3z1-Fg4tWRT_BnJBpwlcfLA4SOEXqS4CtczGwYF9oQW7hDM
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5FB2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIQZKDC7MbEClIfi_AXllYg&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIQZKDC7MbEClIfi_AXllYg&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIQZKDC7MbEClIfi_AXllYg&google_hm=Y1t0FzYTkA9Eq-BFHTDo9wAAFB0AAAIB&google_nid=index&google_push=AZmPxg--J0kdJ69NbCZeYj0YufIYw79-uqqx-...

170 B
188 B

48ms
47ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIQZKDC7MbEClIfi_AXllYg&google_hm=Y1t0FzYTkA9Eq-BFHTDo9wAAFB0AAAIB&google_nid=index&google_push=AZmPxg--J0kdJ69NbCZeYj0YufIYw79-uqqx-d6kCshqptz5jVci9rsSgFW6la3l4euTcdcfcTpPedfcq7XLcPJosHWTslsyfzQ

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 06:17:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Oct 2022 06:17:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIQZKDC7MbEClIfi_AXllYg&google_hm=Y1t0FzYTkA9Eq-BFHTDo9wAAFB0AAAIB&google_nid=index&google_push=AZmPxg--J0kdJ69NbCZeYj0YufIYw79-uqqx-d6kCshqptz5jVci9rsSgFW6la3l4euTcdcfcTpPedfcq7XLcPJosHWTslsyfzQ
cache-control: no-cache
cf-ray: 76118d353aaebbb3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 5FB2 43 B
297 B 266ms
46ms Image
image/gif 2a05:d01c:1d8:8100:7916:ade7:6c23:40ce
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGDA1Qpxhu6u2OSurzcRmQw&google_cver=1&google_push=AZmPxg8VAg_m3FrNXvUoyJDW7nDUyt069RPYteg5GZrZU_FQgwFM0ltQlp7VaHz2V9OPn_oDQXIwumNEb-vY_bw1hEMxb2sTo4Cb
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2879033549&pi=t.aa~a.4212097785~rp.4&w=1140&lmt=1666937878&nsk=4653f153&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0&nras=2&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GTJysDwJp0&p=https%3A//shrugmoney.com&dtd=13
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:7916:ade7:6c23:40ce London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 28 Oct 2022 06:17:59 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5FB2 0
223 B 138ms
46ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L8uL2Gw27WBWeaNgmQPambFlIxPXTwr7IhhWCnsaVhXI-B5o3cjyglNmBHuk5KqpCoPtms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 206F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

58ms
57ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 06:17:59 GMT
expires: Fri, 28 Oct 2022 06:17:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 06:17:59 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11742942772125422072/ Frame 1F68 12 KB
12 KB 72ms
71ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11742942772125422072/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIlgEQlgEYASABLQAAAD8wlgE4lgFFAACAPw&rs=AOga4qnWrFD8KdKWCetTru0_OAYQaV7p1Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2727906601&pi=t.aa~a.3425766090~rp.4&w=1140&lmt=1666937878&nsk=9ef5c6d1&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=1&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0%2C1140x209&nras=3&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=XSYR63LpLz&p=https%3A//shrugmoney.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

365d39810606ca96b6680112701623adab3eea7912c7800fe78b799cbd10e5cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:59 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12264
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 10:23:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 06:17:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1F68 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHNrKFnRbY9OZOMSDmweU25WACPLbgvhsxOqXqoURloLNhYgWEAEgq9fxKGCV2oiCmAegAabuq8gDyAEGqAMByAPLBKoE0AFP0CU-NBIImyA2DG6IfZ6u8RJpJbmKUX5DLuybwlsjBJKLtO1HySRix-cN_bPHeCdxsFMQiCFys7I3LXUvQXBpnOOizHwjroqOe6isRd5cMKMbuwResSMYn_tOLNWy_dt1HJ-Vi6kiTgz1AuwAnwHKFSmSaobFkYvnt5ap8lGVQcIakTgJvdYkBz0C86VYpmVL4RDevsSGIXf3Eq4P6DgQo6J1La1Hn0J6TeINdNGmSIox_vWChLWWAVx_n4EBiYiOSrDg9FQcd16Urcdvv5QYwATsneLYmASSBQQIBBgBkgUECAUYBKAGN4AHwpHUN6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFEOLG1gHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04MjY3MTA0ODg4NzM2ODM0GAA&sigh=clH9tj3dzI0&uach_m=[UACH]&template_id=492

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2727906601&pi=t.aa~a.3425766090~rp.4&w=1140&lmt=1666937878&nsk=9ef5c6d1&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=1&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0%2C1140x209&nras=3&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=XSYR63LpLz&p=https%3A//shrugmoney.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2727906601&pi=t.aa~a.3425766090~rp.4&w=1140&lmt=1666937878&nsk=9ef5c6d1&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=1&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0%2C1140x209&nras=3&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=XSYR63LpLz&p=https%3A//shrugmoney.com&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 06:17:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ Frame 1F68 45 KB
45 KB 119ms
42ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,500|Roboto:300,400,500&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 08:23:46 GMT
x-content-type-options: nosniff
age: 597253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 08:23:46 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1F68 16 KB
16 KB 115ms
38ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,500|Roboto:300,400,500&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:10:25 GMT
x-content-type-options: nosniff
age: 122854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 20:10:25 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2606 143 B
166 B 42ms
40ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2727906601&pi=t.aa~a.3425766090~rp.4&w=1140&lmt=1666937878&nsk=9ef5c6d1&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=1&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0%2C1140x209&nras=3&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=XSYR63LpLz&p=https%3A//shrugmoney.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2727906601&pi=t.aa~a.3425766090~rp.4&w=1140&lmt=1666937878&nsk=9ef5c6d1&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=1&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0%2C1140x209&nras=3&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=XSYR63LpLz&p=https%3A//shrugmoney.com&dtd=16
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 157
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 06:15:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6090 1 KB
643 B 42ms
41ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2727906601&pi=t.aa~a.3425766090~rp.4&w=1140&lmt=1666937878&nsk=9ef5c6d1&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=1&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0%2C1140x209&nras=3&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=XSYR63LpLz&p=https%3A//shrugmoney.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68047
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 11:23:52 GMT
etag: 48472445140208031
expires: Fri, 28 Oct 2022 11:23:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1F68 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aab095318604d49a1add7d5af6d83df1ef3679571fb9e7aca532066fb03cca72

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame E5F5 36 KB
16 KB 44ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 18:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 18:00:05 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6090
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENgFUrlvAwSdsoQGGKJwi2U&google_cver=1&google_push=AZmPxg8u8DJx6HyooHVQy-1UGZ9UrcDm96H5CxSSf6NRu7O7BU1DsgoTOm...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8u8DJx6HyooHVQy-1UGZ9UrcDm96H5CxSSf6NRu7O7BU1DsgoTOmbxLaUKiw9hP_pfuBSQJyPOPo0OCl3MLKZV966M4ihL&google_hm=zUHSHfDy9kgN...

170 B
188 B

136ms
135ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8u8DJx6HyooHVQy-1UGZ9UrcDm96H5CxSSf6NRu7O7BU1DsgoTOmbxLaUKiw9hP_pfuBSQJyPOPo0OCl3MLKZV966M4ihL&google_hm=zUHSHfDy9kgN2QSdPK5B9A

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 06:17:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8u8DJx6HyooHVQy-1UGZ9UrcDm96H5CxSSf6NRu7O7BU1DsgoTOmbxLaUKiw9hP_pfuBSQJyPOPo0OCl3MLKZV966M4ihL&google_hm=zUHSHfDy9kgN2QSdPK5B9A
pragma: no-cache
date: Fri, 28 Oct 2022 06:17:59 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6090
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_YVO7G...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_YVO7G...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjgwNjE4MDAwMDAxODE5MzIwMDc0NA%3D%3D&google_push=AZmPxg_YVO7GSeawMF2qldeo1E19gA1VYLfXin3eMprCH9xrh6ksXE-7Zv6Dn3QbxVseDi...

170 B
188 B

48ms
48ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjgwNjE4MDAwMDAxODE5MzIwMDc0NA%3D%3D&google_push=AZmPxg_YVO7GSeawMF2qldeo1E19gA1VYLfXin3eMprCH9xrh6ksXE-7Zv6Dn3QbxVseDicet4MbWwdVo8gyJo6vanWrNPI8Rlc6

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 06:18:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjgwNjE4MDAwMDAxODE5MzIwMDc0NA%3D%3D&google_push=AZmPxg_YVO7GSeawMF2qldeo1E19gA1VYLfXin3eMprCH9xrh6ksXE-7Zv6Dn3QbxVseDicet4MbWwdVo8gyJo6vanWrNPI8Rlc6
pragma: no-cache
date: Fri, 28 Oct 2022 06:18:00 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Fri, 28 Oct 2022 06:18:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 6090 43 B
64 B 105ms
64ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEG1NW18pBHGitNHnp9BLQCM&google_cver=1&google_push=AZmPxg_mLEJixWcT2asy3n5V1RlpkgksaJDiGAgiU24u70AEv6sxGdGVHy6jsV36uJN8ryg00ZDvrq4Ff_r_AqD3ZlMohiNmqIMV
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2727906601&pi=t.aa~a.3425766090~rp.4&w=1140&lmt=1666937878&nsk=9ef5c6d1&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=1&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0%2C1140x209&nras=3&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=XSYR63LpLz&p=https%3A//shrugmoney.com&dtd=16
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 06:17:59 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: l4j0js5lg1dpukmsde76te22nadlukk8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6090
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=50rFUnShQaOzXSk_kiDkBg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

50ms
49ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=50rFUnShQaOzXSk_kiDkBg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8q114CFpOqzKLGJfZ4dr6S-ybI6xzT_eCtz1oP-Kp6gVdwt40GZTcqw9nqziVpeB9uWAWQt-PNqFCAHcORs52LmVMIzRHg

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 06:17:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=50rFUnShQaOzXSk_kiDkBg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8q114CFpOqzKLGJfZ4dr6S-ybI6xzT_eCtz1oP-Kp6gVdwt40GZTcqw9nqziVpeB9uWAWQt-PNqFCAHcORs52LmVMIzRHg
date: Fri, 28 Oct 2022 06:17:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6090
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH6T-GcPLgmAkSMuoQtbqqc&google_cver=1&google_push=AZmPxg9vXQUtkGDXvieGXfa8nFyj1XWicIAXvtl97egx0Itf38eeSwSYegpinpGpv4cJ8PaBz4V...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTM1JWV0YtMTItQUZaOQ==&google_push=AZmPxg9vXQUtkGDXvieGXfa8nFyj1XWicIAXvtl97egx0Itf38eeSwSYegpinpGpv4cJ8PaBz4VHjO4t3bszKl8_m-Wgc2u2DhY

170 B
188 B

48ms
48ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTM1JWV0YtMTItQUZaOQ==&google_push=AZmPxg9vXQUtkGDXvieGXfa8nFyj1XWicIAXvtl97egx0Itf38eeSwSYegpinpGpv4cJ8PaBz4VHjO4t3bszKl8_m-Wgc2u2DhY

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 06:17:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTM1JWV0YtMTItQUZaOQ==&google_push=AZmPxg9vXQUtkGDXvieGXfa8nFyj1XWicIAXvtl97egx0Itf38eeSwSYegpinpGpv4cJ8PaBz4VHjO4t3bszKl8_m-Wgc2u2DhY
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6090
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDIzdhAPuymrIzMdDbJD3NU&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDIzdhAPuymrIzMdDbJD3NU&google_hm=Y1t0FzYTkA9Eq-BFHTDo9wAAFB0AAAIB&google_nid=index&google_push=AZmPxg8OUZcHokkA7EkiXpd34DPMXqeZMSbzR...

170 B
188 B

50ms
48ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDIzdhAPuymrIzMdDbJD3NU&google_hm=Y1t0FzYTkA9Eq-BFHTDo9wAAFB0AAAIB&google_nid=index&google_push=AZmPxg8OUZcHokkA7EkiXpd34DPMXqeZMSbzRmYsh4TWQe8GMD3t6Ck1hFDS5TWyagzweczwdjN4E5LIB0ETNnjQ2gVMG9W9ClIK

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 06:17:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Oct 2022 06:17:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDIzdhAPuymrIzMdDbJD3NU&google_hm=Y1t0FzYTkA9Eq-BFHTDo9wAAFB0AAAIB&google_nid=index&google_push=AZmPxg8OUZcHokkA7EkiXpd34DPMXqeZMSbzRmYsh4TWQe8GMD3t6Ck1hFDS5TWyagzweczwdjN4E5LIB0ETNnjQ2gVMG9W9ClIK
cache-control: no-cache
cf-ray: 76118d353aabbbb3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 6090 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6090 0
12 B 113ms
46ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lw6kh5zw5atpLwk7yU6XvXUIaNTmoKT9NL3RmQ189GUYDgL7ZwRq0mvikUSFD1RzxhlzGxNw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2727906601&pi=t.aa~a.3425766090~rp.4&w=1140&lmt=1666937878&nsk=9ef5c6d1&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=1&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0%2C1140x209&nras=3&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=XSYR63LpLz&p=https%3A//shrugmoney.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 127ms
51ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221026&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d07751902507f0926795f5eb8ab90a7768e888a81d9a7281e0654d02879b601f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11258
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2606
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

49ms
49ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2727906601&pi=t.aa~a.3425766090~rp.4&w=1140&lmt=1666937878&nsk=9ef5c6d1&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=1&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0%2C1140x209&nras=3&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=XSYR63LpLz&p=https%3A//shrugmoney.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 06:18:00 GMT
expires: Fri, 28 Oct 2022 06:18:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 06:18:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame F3A5 36 KB
16 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8267104888736834&output=html&h=209&adk=2651927769&adf=2727906601&pi=t.aa~a.3425766090~rp.4&w=1140&lmt=1666937878&nsk=9ef5c6d1&rafmt=11&pwprc=8034456689&ad_type=text_image&format=1140x209&url=https%3A%2F%2Fshrugmoney.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666937878858&bpp=1&bdt=3349&idt=1&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec4f2b5835bee12-22d1150e59ce008e%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A&gpic=UID%3D00000b796e06c209%3AT%3D1666937877%3ART%3D1666937877%3AS%3DALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw&prev_fmts=0x0%2C1140x209&nras=3&correlator=2211241532322&frm=20&pv=1&ga_vid=1438746933.1666937878&ga_sid=1666937878&ga_hid=1775394597&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017&oid=2&pvsid=823969331910829&tmod=246558825&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=XSYR63LpLz&p=https%3A//shrugmoney.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 18:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 18:00:05 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 403ms
402ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:18:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 06:18:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3566 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnjW4uUA7pxKTInz4f3Oswap0kSyxxqj96RBa0e8UtcK7xExfIofSFDu372AwjmeEz5C2wCJL0ygmQchua9crPyo_XxcI9B2FGmsumHOrC2t7nb5vl1QcRAqH2Z-9fDkn_JqBJ3g&sai=AMfl-YTcgtVrcMCbGV-3Smlz5IoDJWnooj1dEvPSA1goJchIdYTwA2qWicQVM5RWGtmRV9LAIPpQtuLzAQDBTvA&sig=Cg0ArKJSzBnuFhcY05AGEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=91,773,1000,1097,1097&tos=91,682,227,97,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666937878927&rpt=297&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 06:18:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AF4C 13 KB
5 KB 41ms
37ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shrugmoney.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 42027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 18:37:33 GMT
expires: Fri, 27 Oct 2023 18:37:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7476 783 B
535 B 48ms
47ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a26af00b7fac385a552225daca599e44a3fc360aca3e296c42cd52d9aab1ba96

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SCrpxJJzg6LjvbbuXZRPtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrugmoney.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-SCrpxJJzg6LjvbbuXZRPtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 06:18:00 GMT
expires: Fri, 28 Oct 2022 06:18:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame AF4C 36 KB
16 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 18:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 18:00:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7476 0
0 76ms
75ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221026&jk=823969331910829&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AF4C 0
10 B 39ms
37ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DM0q5w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:18:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 74ms
73ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221026&jk=823969331910829&bg=!4eKl4qbNAAZPh4lnb4c7ACkAdvg8WsViedHzNiIwoeZh34Yt3TkIAamVtvPc4Al2J3oUP5WHvd5SjQIAAABqUgAAAANoAQcKAOLvNa8bo0su-_DITr2lJH_yKZxjNXbCYS9ipr_Y5DTGhTem6gnbnlhlODziZ2Zb01kLihi_42zo266Y_QSBmvdpQYlbsDf9u15nHqGaPj0DFCqicPI2C0R7UcLIxqDefcrYYaW9vmH4RMIguBgOpl4PfIUCVh4AnHg-ATFdZhKCR1zqVqCNVZk5Gix_EvrAHrJaDOh3xhh9pJKs1jgQAPWhcRrWk4d7aBrbAEldd_EKFCOuZnUhNg5WCmUW2X7fwI1noGOV4VriAURhMNN_pvtHpALIa5rS4fpH2UIopBYj3W3tmQKfbm58W3GLJIaNrkz6vuG1B3C0uC7zfPLzen0lIWklgv9u5OfqDc2U3aHj5eIrOsHim5bbG6B3WiCiKx9XxG3e9UxRatQz94sl5WhxG3KOOX_y-2SWzfgb387fITVeFK5cZyyC_UbtRP2MYrO_2cB-XDUXsO8N6fJB4KIXWmYaQ2M4F6YM_pIDZv0Lue1lEVivx1dd0olEojRwZApeDJTzTUjaKWdi0GOdZMAAXRexODDCYEkOrZvjtHZ2tntq6tevRofSzJOQjwzH5bhYsw-9Fjfz-btshPPmDQO3oDknRUoJZR9_uIK0K4PvCmKSHRGzDozQi3mWoa2kE1LcjRwndK8vhNdX02GOWV1-1rTej8NHEn5I_4Wsm6yrH1NQxjTJ75G8jjPGJfEUIO1TtnI6qJizKwMyCsAv4DMfjIruG2jMe05K_p58NYKOfPZQtuaQtDbV94_p3ttCFJroKba_6TUu28oXdc8RP6KdbRpzf30m059X9vP9y7NeD1ZiW67EEgYeX6nT43dayVleGCz_spA-c2FqF14oDcj-wYvvLNAqR3UpXJlqfIlfSVb5QPcaxCb4-brAFukbmsbZ63M3N8V2hMYpYbZn1Sq5eO6IiMM8K9Z9juBUWkg588sbf0Yy5L5rMFchtWhdbGZ8dp92Gm40Sylnppm1drVx8otHj0erTcnDA9uyjlNa9Y0tBb59bvzhrLH_o7DZPedkn6pHI3JUQxYZpFmj_fH4KMLzu3jZmschoyv1kBb9i36WMggPbfw7VIwMCICv-TzR7h4744i-dwwgKalaVRp-9pskVUNpSmTuFAcjp3-hWy8cTp1U72T_He4VtYorMc4OhZ87o2YtxoAiQfKZ84fbl1-VxooadDoBf1GvZLx_Jf7CXms
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shrugmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

GET gen_204
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECgDtTcVRwaasKMAW9zDX9w&google_cver=1&google_push=AZmPxg-pkEPGaLx_Vm4eXNmW48fZFKTdhgICukdRMyChDT-_uKtHmmRbTMpwY9GHKeAS0Wa5bGNvxBCTyW3B-IxMoGlHZZMBsoMI

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_inf_scr&r=s&pg_h=2697&su=shrugmoney.com&d=5000&pvc=823969331910829&eid=44759875%2C44759926%2C44759842%2C42531706%2C44773614%2C31069177%2C31070540%2C44775017

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.shrugmoney.com/	1970-01-20 16:38:17	Name: _ga Value: GA1.2.1438746933.1666937878
.shrugmoney.com/	1970-01-20 07:03:44	Name: _gid Value: GA1.2.788896842.1666937878
.shrugmoney.com/	1970-01-20 07:02:17	Name: _gat_gtag_UA_56740281_4 Value: 1
.shrugmoney.com/	1970-01-20 16:23:53	Name: __gads Value: ID=1ec4f2b5835bee12-22d1150e59ce008e:T=1666937877:RT=1666937877:S=ALNI_Mbm7DZKobFCHo6Z7D_W6GimfSUO_A
.shrugmoney.com/	1970-01-20 16:23:53	Name: __gpi Value: UID=00000b796e06c209:T=1666937877:RT=1666937877:S=ALNI_Ma5fWEyYMHYqmKzBgehmGyc259rdw
.doubleclick.net/	1970-01-20 16:23:53	Name: IDE Value: AHWqTUnCVxPM1KMXcaKMYIwMQylYTXMOBYkmGAOa9njIZ5ti13T16yowwGei5hZrKE0
.quantserve.com/	1970-01-20 09:11:53	Name: d Value: EAcBCQG4J4EA
.quantserve.com/	1970-01-20 16:32:32	Name: mc Value: 635b7417-b8693-1486a-d61c1
.doubleclick.net/	1970-01-20 07:02:21	Name: DSID Value: NO_DATA
.pubmatic.com/	1970-01-20 07:03:44	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 15:47:53	Name: CMID Value: Y1t0FzYTkA9Eq.BFHTDo9wAA
.casalemedia.com/	1970-01-20 09:11:53	Name: CMPS Value: 5149
.casalemedia.com/	1970-01-20 09:11:53	Name: CMPRO Value: 5149
.pubmatic.com/	1970-01-20 09:11:53	Name: KADUSERCOOKIE Value: E74AC552-74A1-41A3-B35D-293F9220E406
.innovid.com/	1970-01-20 09:11:53	Name: uuid Value: 9a804bfe-accf-4bd9-9426-660127e40390-20221028 02:17:59
.casalemedia.com/	1970-01-20 09:11:53	Name: CMTS Value: 1189
.e.dlx.addthis.com/	1970-01-20 16:32:32	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:32:32	Name: na_id Value: 2022102806180000018193200744
.addthis.com/	1970-01-20 16:32:32	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:32:32	Name: uid Value: 635b74183d3a45e0
.addthis.com/	1970-01-20 16:32:32	Name: ouid Value: 635b741800016a386d27ef2b56f523a0c0e8478c49eb6390d831
.dlx.addthis.com/	1970-01-20 07:45:29	Name: na_sr Value: 20221028
.dlx.addthis.com/	1970-01-20 07:02:17	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 07:45:29	Name: na_rn Value: 1
.dlx.addthis.com/	1970-01-20 07:45:29	Name: na_sc_e Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECgDtTcVRwaasKMAW9zDX9w&google_cver=1&google_push=AZmPxg-pkEPGaLx_Vm4eXNmW48fZFKTdhgICukdRMyChDT-_uKtHmmRbTMpwY9GHKeAS0Wa5bGNvxBCTyW3B-IxMoGlHZZMBsoMI Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-8267104888736834&fa=1&ifi=5&uci=a!5&btvi=3&xpc=342G1RgdjD&p=https%3A//shrugmoney.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
cm.g.doubleclick.net
cms.quantserve.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
i0.wp.com
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pixel.wp.com
rtb.openx.net
shrugmoney.com
ssum-sec.casalemedia.com
stats.wp.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
pagead2.googlesyndication.com
104.18.18.126
142.250.184.194
185.64.190.78
192.0.76.3
192.0.77.2
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:806::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2004
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a05:d01c:1d8:8100:7916:ade7:6c23:40ce
35.227.252.103
50.87.224.231
69.173.144.139
88.221.168.166
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04943e405d730554446906372dab5cda026e6edcc20ae64f2ea00490665ac2a3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
0ec0e5a4f864d3b09d07270df4448e6afaa8edc9d8e72608685b7ec3f254b197
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
1709601f3be4a07e0435448c1ac2c1b606d040a068c7494454450b1427cbab29
17c4785eb6887b954551df9ffb7c8fd6241a8d7a7a40655bc116ca1fe5c4352f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d
29c523d5c54e353d20a8966f4bb2fec86184c842b5bd9b525d6a5efadf798af8
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
365d39810606ca96b6680112701623adab3eea7912c7800fe78b799cbd10e5cc
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
472b04ff74ef4e4d01dcce218d2d616f3d6d56a24e4fa7f054e28d05e59acef2
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d5645da2fda11aa729057832cf0439ad2899331a14989b6ed5890ad7d9e7e74
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e70f196596d57a6f3570a0983040f63d9ed88bb9da8849a302ad19fea617dd2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
5dea31dc58c803bcf97fa387fedff2164f6b1d99adc6443214c223318145b648
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cfa5c6ed7b44cbd2991b305f4e3415f43950720d6b1f5ecd7369c5c1b6990b
63510689b7b72fd3624e864c9891d8d3730a4cb209408a6789d47757123a35b9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7cd46c571d015cc36a8b6476b2b03790b7c220f6310ed36bf27b902f119db15a
7ce15ebe2e4406180f88352cf91e52910987dde2aebc9b0e96d40ce8e819cb8d
7fa4abb686798756bc90d4d6d1e4da75137160ecf2bc7ff6c103263f9842c444
814bd6513af338f300cb53688888d89b93650059a12adc3240e5c6ffbfd1c55a
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8a6f024f1d0ba5956e7555b3e9f68f47d4bcf47db6808916d65bc4a3c676274a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a26af00b7fac385a552225daca599e44a3fc360aca3e296c42cd52d9aab1ba96
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aa47973e24824eb600509a09992d472ba3b728ad347d0d41b911762bb8e565ea
aab095318604d49a1add7d5af6d83df1ef3679571fb9e7aca532066fb03cca72
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
af51e7dbb76a5fcd6942672b4bf234f225dc17d6d0b04c14377939f1017990f3
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b14a477dab97979edb6226e47704f76c39a8532867e32a787a498120bb611669
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5e5557b4884f6ca1cece61e3d2d453326937ebb94ea207804126fbeda728fc0
b78e65503fafc5550f2013a3c8e6d3a846998d81511e0150a790af60138eca44
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bc4b5698acdba338a3eb73845c70c8268d9daaf678eed6d1c816aa547c3829e9
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf820c2e5608b055b98402b2f885df349d9f9e605ff3fd7a4c03f1c49d5c8264
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c822ba0da36fa8bd5f6cef9508d89ab2eeb5e8e7292e596b6b1949f5c0456431
ce7471cc6007961e306287d7d26b03a11971fe332b2c02bde3938fc2fedfff48
d07751902507f0926795f5eb8ab90a7768e888a81d9a7281e0654d02879b601f
d4f24797ac4621646a35e5e688a697b8595cdcb186317372d3bc70c490bd6c73
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
da20d46e8728bacb38e18343f34b77453e09e79e2dcd32a61bc4cd0549a738ae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee63d285460ae72e8be86c142eb3b7631cd127a74a2e38144d6b0a498f9afdc1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8cae5818513fb2cb670516c6c3c7eb7ec9efb4c943676707a720d91cc8bedb
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f9843e9d246bd5d5e57cc91e426ff1be4dd0f357e2384f5769d0fc335f0d1208

shrugmoney.com Open in urlscan Pro 50.87.224.231 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

122 Requests

91 %HTTPS

63 %IPv6

20 Domains

26 Subdomains

21 IPs

4 Countries

1256 kBTransfer

3271 kBSize

25 Cookies

0 Outgoing links

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

shrugmoney.com Open in urlscan Pro
50.87.224.231 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

91 %
HTTPS

63 %
IPv6

20
Domains

26
Subdomains

21
IPs

4
Countries

1256 kB
Transfer

3271 kB
Size

25
Cookies

122 HTTP transactions
5 data transactions