covid19stickingplaster.com Open in urlscan Pro
116.126.87.18 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://covid19stickingplaster.com/
Submission Tags: falconsandbox
Submission: On May 22 via api (May 22nd 2021, 11:44:44 am UTC) from US

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 10 domains to perform 41 HTTP transactions. The main IP is 116.126.87.18, located in Daejeon, Korea, Republic Of and belongs to SKB-AS SK Broadband Co Ltd, KR. The main domain is covid19stickingplaster.com.

This is the only time covid19stickingplaster.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	116.126.87.18 116.126.87.18	9318 (SKB-AS SK...) (SKB-AS SK Broadband Co Ltd)
1 1	27.96.130.131 27.96.130.131	135354 (NBPAP-AS-...) (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD.)
12	220.230.126.70 220.230.126.70	23576 (NHN-AS-KR...) (NHN-AS-KR NAVER Cloud Corp.)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	178.250.0.145 178.250.0.145	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
41	16

1 116.126.87.18 (Daejeon, Korea, Republic Of)

ASN9318 (SKB-AS SK Broadband Co Ltd, KR)

covid19stickingplaster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 27.96.130.131 (Korea, Republic Of) 1 redirects

ASN135354 (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD., SG)

yesnic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 220.230.126.70 (Korea, Republic Of)

ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR)

www.yesnic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.145 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cas.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	219 KB
13	yesnic.com 1 redirects yesnic.com www.yesnic.com	261 KB
5	doubleclick.net googleads.g.doubleclick.net	26 KB
3	criteo.com cas.criteo.com cat.fr.eu.criteo.com gum.criteo.com	2 KB
2	googletagservices.com www.googletagservices.com	64 KB
2	google.com 1 redirects adservice.google.com www.google.com	407 B
1	google.de adservice.google.de	799 B
1	google-analytics.com ssl.google-analytics.com	17 KB
1	criteo.net static.criteo.net	37 KB
1	covid19stickingplaster.com covid19stickingplaster.com	743 B
41	10

	Domain	Requested by
12	www.yesnic.com	covid19stickingplaster.com www.yesnic.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	pagead2.googlesyndication.com	www.yesnic.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
1	www.google.com	1 redirects
1	gum.criteo.com	static.criteo.net
1	cat.fr.eu.criteo.com	www.yesnic.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	cas.criteo.com	static.criteo.net
1	ssl.google-analytics.com	www.yesnic.com
1	static.criteo.net	www.yesnic.com
1	yesnic.com	1 redirects
1	covid19stickingplaster.com
41	15

This site contains no links.

Subject Issuer	Validity	Valid
yesnic.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-10` - `2022-02-16`	2 years	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-03-26` - `2021-06-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://covid19stickingplaster.com/
Frame ID: 7F0AD75E299DF75941D932FACD467FCD
Requests: 1 HTTP requests in this frame

Frame: https://www.yesnic.com/?_task=fp&_action=basic
Frame ID: 1F9EC5A85720336D44E99D37A10763AC
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html
Frame ID: 818C8C9FDD8C53DD52957ECEA219E9FD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4007715589170015&output=html&h=90&slotname=2162713512&adk=2046373911&adf=1416142858&pi=t.ma~as.2162713512&w=728&lmt=1621683867&psa=0&format=728x90&url=https%3A%2F%2Fwww.yesnic.com%2F%3F_task%3Dfp%26_action%3Dbasic&flash=0&wgl=1&dt=1621683867387&bpp=4&bdt=1943&idt=58&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7236655504561&frm=22&ife=1&pv=2&ga_vid=1533683720.1621683867&ga_sid=1621683867&ga_hid=1865787448&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=335&ady=961&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2991944913&scr_x=-12245933&scr_y=-12245933&eid=44743003&oid=3&pvsid=2828153718139405&top=http%3A%2F%2Fcovid19stickingplaster.com%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.zbaocc5ta0yg&fsb=1&xpc=VLaY9Y1HXW&p=https%3A//www.yesnic.com&dtd=75
Frame ID: 3E3F17560C3598A4FEC2D73B7BAC087C
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=covid19stickingplaster.com
Frame ID: FC8B1B3C9F9853B3D6D7143B82AD6D4A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 4003713EB7415D133652127FE46EAA6F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js
Frame ID: 4646808ED7BA4993C976A6C78EEDA52F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 2773BCE398098BDD67BCE1CD47CD2806
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

41
Requests

98 %
HTTPS

71 %
IPv6

10
Domains

15
Subdomains

16
IPs

3
Countries

627 kB
Transfer

1198 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://yesnic.com/?_task=fp&_action=basic HTTP 301
https://www.yesnic.com/?_task=fp&_action=basic

Request Chain 34

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

41 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
covid19stickingplaster.com/ 480 B
743 B 893ms
592ms Document
text/html 116.126.87.18
SKB-AS SK Broadba...

General

Check archive.org

Show headers Download Go to

Full URL: http://covid19stickingplaster.com/
Protocol: HTTP/1.1
Server: 116.126.87.18 Daejeon, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software: Apache / PHP/5.2.17
Resource Hash: 98a1e2b916326a471dff04d4141dbdbcac0ffd60ed35b7e151c02086f8728f51

Request headers

Host: covid19stickingplaster.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 11:44:22 GMT
Server: Apache
X-Powered-By: PHP/5.2.17
P3P: CP="NOI CURa ADMa DEVa TAIa OUR DELa BUS IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Length: 480
Connection: close
Content-Type: text/html; charset=euc-kr

GET
H/1.1

200
OK

Cookie set / Show response
www.yesnic.com/ Frame 1F9E
Redirect Chain

http://yesnic.com/?_task=fp&_action=basic
https://www.yesnic.com/?_task=fp&_action=basic

6 KB
6 KB

1922ms
309ms

Document
text/html

220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/?_task=fp&_action=basic
Requested by: Host: covid19stickingplaster.com
URL: http://covid19stickingplaster.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 38706eedb5aea78288db13718cfb66fbf1510331d7df9617b848c98088a37bc0

Request headers

Host: www.yesnic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: frame
Referer: http://covid19stickingplaster.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://covid19stickingplaster.com/

Response headers

Date: Sat, 22 May 2021 11:44:25 GMT
Server: Apache
Set-Cookie: PHPSESSID=davo73u20bqer3hd72selqr3q7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 6030
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Sat, 22 May 2021 11:44:23 GMT
Server: Apache
Location: https://www.yesnic.com/?_task=fp&_action=basic
Content-Length: 258
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK style_forward.css
www.yesnic.com/templates/yesnic/css/ Frame 1F9E 7 KB
7 KB 270ms
269ms Stylesheet
text/css 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/templates/yesnic/css/style_forward.css
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 2618d563242aacf8282e859c657cf825f6f6c55502213fc0a204b14889d3b134

Request headers

Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 11:44:25 GMT
Last-Modified: Mon, 05 Apr 2021 02:47:50 GMT
Server: Apache
ETag: "1c14-5bf30b933770d"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 7188

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
www.yesnic.com/js/ Frame 1F9E 94 KB
94 KB 549ms
275ms Script
application/javascript 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/js/jquery-1.11.3.min.js
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 11:44:25 GMT
Last-Modified: Tue, 28 Jul 2015 23:03:01 GMT
Server: Apache
ETag: "176d5-51bf778cb1340"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 95957

GET
H/1.1 200
OK common.js Show response
www.yesnic.com/js/ Frame 1F9E 51 KB
51 KB 840ms
279ms Script
application/javascript 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/js/common.js
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 71ef4835eb4df0a32a0cd973c096e74ae3f7c854ab47fa54324692766f03b855

Request headers

Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 11:44:26 GMT
Last-Modified: Tue, 15 Dec 2020 04:46:59 GMT
Server: Apache
ETag: "cb05-5b67972fc6e25"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 51973

GET
H/1.1 200
OK apps.js Show response
www.yesnic.com/js/ Frame 1F9E 2 KB
2 KB 846ms
281ms Script
application/javascript 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/js/apps.js
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 24fe66dfcc1e4089a66b758e679dd49b90b1c185851e35b30e73fd0ee6b542e2

Request headers

Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 11:44:26 GMT
Last-Modified: Fri, 31 Jul 2015 05:23:16 GMT
Server: Apache
ETag: "6f7-51c25045b1900"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 1783

GET
H/1.1 200
OK parking_basic.js Show response
www.yesnic.com/js/ Frame 1F9E 2 KB
3 KB 866ms
289ms Script
application/javascript 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/js/parking_basic.js
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 896fc0efbce89ba6f9f8e66159b07accacdb09a73641d074f08263770d8989ab

Request headers

Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 11:44:26 GMT
Last-Modified: Wed, 07 Jun 2017 08:04:20 GMT
Server: Apache
ETag: "9a0-5515a2ef0e900"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 2464

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 1F9E 114 KB
37 KB 70ms
25ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070

Request headers

Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 11:44:25 GMT
content-encoding: gzip
last-modified: Mon, 17 May 2021 11:49:39 GMT
server: nginx
etag: W/"60a25853-1c9d1"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 23 May 2021 11:44:25 GMT

GET
H/1.1 200
OK logo_y_n.gif
www.yesnic.com/templates/yesnic/images/ Frame 1F9E 4 KB
4 KB 284ms
284ms Image
image/gif 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yesnic.com/templates/yesnic/images/logo_y_n.gif
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 3f2d9802d4d18e31ec0b41fc66e7da3c1cd6373d32c515df61ab8c3127956698

Request headers

Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 11:44:26 GMT
Last-Modified: Thu, 05 Nov 2015 07:41:25 GMT
Server: Apache
ETag: "1035-523c641069340"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 4149

GET
H/1.1 200
OK logo_y_n2.gif
www.yesnic.com/templates/yesnic/images/ Frame 1F9E 2 KB
2 KB 279ms
279ms Image
image/gif 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yesnic.com/templates/yesnic/images/logo_y_n2.gif
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 25a6dce0e2accd827f705712eda9010ca1ad95dba9f0ffd737b949b55535c4a1

Request headers

Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 11:44:27 GMT
Last-Modified: Thu, 05 Nov 2015 07:41:24 GMT
Server: Apache
ETag: "750-523c640f75100"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 1872

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1F9E 132 KB
47 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 11:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47950
x-xss-protection: 0
server: cafe
etag: 4501822382306722350
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 22 May 2021 11:44:27 GMT

GET
H/1.1 200
OK bulk_check_domain_types_utf.php Show response
www.yesnic.com/js/ Frame 1F9E 7 KB
8 KB 302ms
301ms Script
text/html 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/js/bulk_check_domain_types_utf.php
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/js/common.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 984d5020888f5a68ac8976c55f7d313ec0850e90e02356c3be4a3d788ea9d9e0

Request headers

Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 11:44:27 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=15, max=99
Content-Length: 7597
Content-Type: text/html; charset=UTF-8

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ Frame 1F9E 45 KB
17 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5410
date: Sat, 22 May 2021 10:14:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sat, 22 May 2021 12:14:17 GMT

GET
H/1.1 200
OK ban_kr_event1807.gif
www.yesnic.com/templates/yesnic/images/ Frame 1F9E 10 KB
11 KB 291ms
291ms Image
image/gif 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yesnic.com/templates/yesnic/images/ban_kr_event1807.gif
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/templates/yesnic/css/style_forward.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: c24f56500bf872b49d78667d89a276cce643de788dcc3302734d51710ba542da

Request headers

Referer: https://www.yesnic.com/templates/yesnic/css/style_forward.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 11:44:27 GMT
Last-Modified: Wed, 25 Jul 2018 00:19:05 GMT
Server: Apache
ETag: "29f3-571c7d389b040"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 10739

GET
H/1.1 200
OK parking_main_bg2_y.jpg
www.yesnic.com/templates/yesnic/images/ Frame 1F9E 70 KB
70 KB 273ms
273ms Image
image/jpeg 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yesnic.com/templates/yesnic/images/parking_main_bg2_y.jpg
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/templates/yesnic/css/style_forward.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 4ebcb7d7a2bbf4a881f8b5b595bacae9af33e656e99390f90b421351340ee42d

Request headers

Referer: https://www.yesnic.com/templates/yesnic/css/style_forward.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 11:44:27 GMT
Last-Modified: Mon, 06 Nov 2017 07:56:56 GMT
Server: Apache
ETag: "117a8-55d4bcc5b0200"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=96
Content-Length: 71592

GET
H/1.1 200
OK bg_input.gif
www.yesnic.com/templates/yesnic/images/ Frame 1F9E 2 KB
2 KB 284ms
283ms Image
image/gif 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yesnic.com/templates/yesnic/images/bg_input.gif
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: e7f40bbdbdfc693600cd81d54bbdf62aa4ff129775df7725efb8122d8a8da5f0

Request headers

Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 11:44:27 GMT
Last-Modified: Wed, 23 Sep 2015 05:11:17 GMT
Server: Apache
ETag: "823-5206324ee4740"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 2083

GET
H2 200 ajs.php Show response
cas.criteo.com/delivery/ Frame 1F9E 558 B
1 KB 203ms
68ms Script
text/javascript 178.250.0.145
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.criteo.com/delivery/ajs.php?ptv=106&zoneid=806582&cb=98207588763&nodis=1&charset=UTF-8&dc=2&loc=http%3A%2F%2Fcovid19stickingplaster.com
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.145 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ef53e194c622cd7a84db30cc5cb77425247798975c19b9a30c7b5a2d1f0df453

Request headers

Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 11:44:27 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP='CUR ADM OUR NOR STA NID'
server-processing-duration-in-ticks: 19530
content-length: 627
pragma: no-cache
server: Microsoft-IIS/10.0
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/ Frame 1F9E 231 KB
85 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4007715589170015&plah=www.yesnic.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 11:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87252
x-xss-protection: 0
server: cafe
etag: 5322897297824761394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 22 May 2021 11:44:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/ Frame 818C 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210517/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.yesnic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.yesnic.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 22 May 2021 01:00:52 GMT
expires: Sat, 05 Jun 2021 01:00:52 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
age: 38615
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1F9E 107 B
799 B 35ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.yesnic.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4007715589170015&plah=www.yesnic.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 22 May 2021 11:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1F9E 107 B
317 B 15ms
14ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.yesnic.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 22 May 2021 11:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3E3F 57 KB
22 KB 309ms
308ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4007715589170015&output=html&h=90&slotname=2162713512&adk=2046373911&adf=1416142858&pi=t.ma~as.2162713512&w=728&lmt=1621683867&psa=0&format=728x90&url=https%3A%2F%2Fwww.yesnic.com%2F%3F_task%3Dfp%26_action%3Dbasic&flash=0&wgl=1&dt=1621683867387&bpp=4&bdt=1943&idt=58&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7236655504561&frm=22&ife=1&pv=2&ga_vid=1533683720.1621683867&ga_sid=1621683867&ga_hid=1865787448&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=335&ady=961&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2991944913&scr_x=-12245933&scr_y=-12245933&eid=44743003&oid=3&pvsid=2828153718139405&top=http%3A%2F%2Fcovid19stickingplaster.com%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.zbaocc5ta0yg&fsb=1&xpc=VLaY9Y1HXW&p=https%3A//www.yesnic.com&dtd=75

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fd4f36374000a2e1eba27ad68df0858afe4c6b22df08a604af7f4f997f17a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4007715589170015&output=html&h=90&slotname=2162713512&adk=2046373911&adf=1416142858&pi=t.ma~as.2162713512&w=728&lmt=1621683867&psa=0&format=728x90&url=https%3A%2F%2Fwww.yesnic.com%2F%3F_task%3Dfp%26_action%3Dbasic&flash=0&wgl=1&dt=1621683867387&bpp=4&bdt=1943&idt=58&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7236655504561&frm=22&ife=1&pv=2&ga_vid=1533683720.1621683867&ga_sid=1621683867&ga_hid=1865787448&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=335&ady=961&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2991944913&scr_x=-12245933&scr_y=-12245933&eid=44743003&oid=3&pvsid=2828153718139405&top=http%3A%2F%2Fcovid19stickingplaster.com%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.zbaocc5ta0yg&fsb=1&xpc=VLaY9Y1HXW&p=https%3A//www.yesnic.com&dtd=75
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.yesnic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.yesnic.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 22 May 2021 11:44:27 GMT
server: cafe
content-length: 22128
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 22-May-2021 11:59:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 22 May 2021 11:44:27 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1F9E 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4df2fd5c8b3681147087fa7506cef9c982c18edf99729a4412e41af2f98fe0b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 11:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621597303326658"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27994
x-xss-protection: 0
expires: Sat, 22 May 2021 11:44:27 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 1F9E 43 B
288 B 174ms
58ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=IS_-eiKy5am5Mzr0mowXI6xxRMiSv2kNGTFnpjQnp80VqyxCs4u6Pv3CWh8YbNDGDPKldIIqjS4c1sxLxpBHVozmYhi-dhSvRgP43GFs8XFsPfBVeCvioup3b5PjHjG9ViqhUbfth_ZnF9MFKMM-OWKFVDCIZ-V9sZQmwzeG9zbWt_7iFkm498p_Mzbza3xOyjk1MNDa7JBWTpvX0yTrvabo_Yw
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 May 2021 11:44:27 GMT
server: Microsoft-IIS/10.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
server-processing-duration-in-ticks: 5656
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame FC8B 0
326 B 43ms
14ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=covid19stickingplaster.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=covid19stickingplaster.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.yesnic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=ad46c811-85fd-4824-8597-7b68a57158be; zdi=*1xdfHqWGu9U7qC3ICAVWsow%253d%253d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.yesnic.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3077
set-cookie: uid=ad46c811-85fd-4824-8597-7b68a57158be; expires=Sun, 22 May 2022 11:44:27 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Sat, 22 May 2021 11:44:27 GMT
content-length: 0

GET
H2 200 2495297191142805238
tpc.googlesyndication.com/simgad/ Frame 3E3F 32 KB
32 KB 31ms
12ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2495297191142805238?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkbfPWI7YUGI-YXZGxm5H2mRAVwww

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4007715589170015&output=html&h=90&slotname=2162713512&adk=2046373911&adf=1416142858&pi=t.ma~as.2162713512&w=728&lmt=1621683867&psa=0&format=728x90&url=https%3A%2F%2Fwww.yesnic.com%2F%3F_task%3Dfp%26_action%3Dbasic&flash=0&wgl=1&dt=1621683867387&bpp=4&bdt=1943&idt=58&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7236655504561&frm=22&ife=1&pv=2&ga_vid=1533683720.1621683867&ga_sid=1621683867&ga_hid=1865787448&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=335&ady=961&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2991944913&scr_x=-12245933&scr_y=-12245933&eid=44743003&oid=3&pvsid=2828153718139405&top=http%3A%2F%2Fcovid19stickingplaster.com%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.zbaocc5ta0yg&fsb=1&xpc=VLaY9Y1HXW&p=https%3A//www.yesnic.com&dtd=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

353f71be527a93616e12f78121d93cc15955d09c372632a13510664d6ff2b538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 13:44:46 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Apr 2020 17:55:59 GMT
server: sffe
age: 165581
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32265
x-xss-protection: 0
expires: Fri, 20 May 2022 13:44:46 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 3E3F 17 KB
7 KB 25ms
5ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 11:39:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7009
x-xss-protection: 0
server: cafe
etag: 607056201285360291
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Jun 2021 11:39:49 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 3E3F 2 KB
1 KB 27ms
11ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 11:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Jun 2021 11:40:57 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3E3F 119 KB
36 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a4e15e0a382cdbfe1d63cbd77a59ce2f67660b54e926fbebc97fe0b7cebf869

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 11:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621597309435250"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37145
x-xss-protection: 0
expires: Sat, 22 May 2021 11:44:27 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 3E3F 13 KB
6 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 11:40:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Jun 2021 11:40:56 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 3E3F 25 KB
10 KB 33ms
17ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05e695a8f4bd26c3a3092afbd08d40b873b39599d47ce15c281b1b526e934258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 07:10:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16428
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10380
x-xss-protection: 0
server: cafe
etag: 16922886349488815302
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Jun 2021 07:10:39 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3E3F 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGwsVm-6oYJj8Hb291fAP0vmhyAOY15jcYrLHz5b9DNnZHhABINar1xtglQKgAZ3NpfsCyAECqQJvoZ3EBXC0PqgDAcgDyQSqBNgBT9C--J1CgMJJbNg2rK88Whge9RTGzee-qkXdrbYuq71qSAMisgIN-_QpVfebDbF72rmgGCSt3gP4IxMQpMdFCOF_fiDuFH_R69TGuMyWC5fKwhj5ELBEPuSZp1LM7tHkz_sZWB3Rgq2mzZPIBOha7tbm8s-RE_PbBPutM4GiuZmbt4Zj_FtmnYAvyVvxIViqQFMo1hNiMCQhB2m44n4cau7VFZohQL7bYeJThwuLVOelFjzukNbtdWihMn240PuXfNO7oSZ-PgL48q0XR0Loa_-7Ooi5vVOMwATwlcWxpgOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHy7LahAGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ-oAJ0ggJCIDhgBAQARgfgAoByAsB2BML0BUBmBYBgBcBshcaChgIABIUcHViLTQwMDc3MTU1ODkxNzAwMTU&sigh=Kt8QoB5QTwA

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4007715589170015&output=html&h=90&slotname=2162713512&adk=2046373911&adf=1416142858&pi=t.ma~as.2162713512&w=728&lmt=1621683867&psa=0&format=728x90&url=https%3A%2F%2Fwww.yesnic.com%2F%3F_task%3Dfp%26_action%3Dbasic&flash=0&wgl=1&dt=1621683867387&bpp=4&bdt=1943&idt=58&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7236655504561&frm=22&ife=1&pv=2&ga_vid=1533683720.1621683867&ga_sid=1621683867&ga_hid=1865787448&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=335&ady=961&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2991944913&scr_x=-12245933&scr_y=-12245933&eid=44743003&oid=3&pvsid=2828153718139405&top=http%3A%2F%2Fcovid19stickingplaster.com%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.zbaocc5ta0yg&fsb=1&xpc=VLaY9Y1HXW&p=https%3A//www.yesnic.com&dtd=75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 22 May 2021 11:44:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 22 May 2021 11:44:27 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4003 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4007715589170015&output=html&h=90&slotname=2162713512&adk=2046373911&adf=1416142858&pi=t.ma~as.2162713512&w=728&lmt=1621683867&psa=0&format=728x90&url=https%3A%2F%2Fwww.yesnic.com%2F%3F_task%3Dfp%26_action%3Dbasic&flash=0&wgl=1&dt=1621683867387&bpp=4&bdt=1943&idt=58&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7236655504561&frm=22&ife=1&pv=2&ga_vid=1533683720.1621683867&ga_sid=1621683867&ga_hid=1865787448&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=335&ady=961&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2991944913&scr_x=-12245933&scr_y=-12245933&eid=44743003&oid=3&pvsid=2828153718139405&top=http%3A%2F%2Fcovid19stickingplaster.com%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.zbaocc5ta0yg&fsb=1&xpc=VLaY9Y1HXW&p=https%3A//www.yesnic.com&dtd=75
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlmG2otgiw8tEdWVhGnoGp_8zybe1F4MoeT6-FGUun91R9uMLDJ4pH7aMh3oLY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4007715589170015&output=html&h=90&slotname=2162713512&adk=2046373911&adf=1416142858&pi=t.ma~as.2162713512&w=728&lmt=1621683867&psa=0&format=728x90&url=https%3A%2F%2Fwww.yesnic.com%2F%3F_task%3Dfp%26_action%3Dbasic&flash=0&wgl=1&dt=1621683867387&bpp=4&bdt=1943&idt=58&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7236655504561&frm=22&ife=1&pv=2&ga_vid=1533683720.1621683867&ga_sid=1621683867&ga_hid=1865787448&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=335&ady=961&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2991944913&scr_x=-12245933&scr_y=-12245933&eid=44743003&oid=3&pvsid=2828153718139405&top=http%3A%2F%2Fcovid19stickingplaster.com%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.zbaocc5ta0yg&fsb=1&xpc=VLaY9Y1HXW&p=https%3A//www.yesnic.com&dtd=75

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 22 May 2021 11:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 908
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3E3F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae5c4982ce7d553e7c3c310ea2264ea7782e6f5dcb90e16e3bae3a915c139ded

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1F9E 10 KB
8 KB 32ms
32ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210517&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c56e0c9317b7d194d6bc681fd7e13ed4058748e4db5e42847425a1890d3e7884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 22 May 2021 11:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7794
x-xss-protection: 0

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4003
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlmG2otgiw8tEdWVhGnoGp_8zybe1F4MoeT6-FGUun91R9uMLDJ4pH7aMh3oLY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 22 May 2021 11:44:28 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 22-May-2021 12:44:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 22 May 2021 11:44:28 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 22 May 2021 11:44:28 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js Show response
pagead2.googlesyndication.com/bg/ Frame 4646 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1e591b3dbf6a3062e13ac83cbcf2eb65821ef63b5c838241e60596fbfe11e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 11:01:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 2588
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5773
x-xss-protection: 0
expires: Sun, 22 May 2022 11:01:19 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1F9E 17 KB
6 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 11:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 22 May 2021 11:44:27 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 2773 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.yesnic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.yesnic.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 22 May 2021 11:29:57 GMT
expires: Sun, 22 May 2022 11:29:57 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 870
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2773 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1e591b3dbf6a3062e13ac83cbcf2eb65821ef63b5c838241e60596fbfe11e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 11:01:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 2589
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5773
x-xss-protection: 0
expires: Sun, 22 May 2022 11:01:19 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F9E 0
20 B 16ms
16ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210517&jk=2828153718139405&bg=!Li2lLWnNAAZ7hX_Ue4U7ACkAdvg8WuDSZTrq2IXE6ZL9R-ZhstkDni06Xw_GaitzSW2BpMWvKoeSSgIAAABZUgAAAAloAQcKABoRmtaN1V2ZnN0EEjz6G3gDNpyw8Bgk2byoWJkCWjUDYC66PpbWwTgzbz_YzsRoI8PCy81gVPTVZ3DU87abBHooD_IzRJkX8UcwWUqxYKBVTJ77rxoS6HePp6K4UtSG4ihugQEPWtxnUDqCp_jCd32uak-UfVuFRXeIGXVKYzvy2TAEnaOBUub8s6x_wW1AterxJB8VYqqcsGagzdcrbM6bofbRzY_7dqoUV5vHR8YvoZbEp19kjO8S4mxmWGL_os74cXQxDWq8kK6AHciA8K2-eejmYDCp1isx018mQ7qe7b5nV47TWN4mADfTqKmPfTTitw60rtZmJIhJLeZ5a_J_UOcMK4JrWhAKXRruXJRsucNSdcqaqy6um6oScEdcEdGcnKAVVog1nCW_f-NI8KQcpJtGbRrZa1rwCaP0Tsm_Y8ME9Hrq1Q8EuTDTJOraxSEpPcKh-UFws4Pa6zh3PDB2GsdmEFWJ6T1y1qd9nEYc6xQnGVmobKbDlMKl1sofI2pg5mwQ3QhTJUus_8cDIbhpRdXLtBQulCuV2Oqf4Rraw5y24-JivY0FO0LjFwI8ftoVurPKU2p-FLuVXsa-xUyqCRLrvUvkR5jq7kS-DKYSGruJ-mAK-_FiwCh6CNVMeNPYnejTHoL6JfAod3v9s3uhPEAYGZ4_02OzHdnC2-Jlx-748RAJWGKNdsOtkNEme09Bj3P_cwNL0IfMajIOSa5CC0Q2IkbBJ3lZ1Y1928TfvGtMCIBNq18K3Jbf9I0RW_f8RaMEkkHGHks1aeH4v7ATm-5DmctvWAXMUCkhQxV8kOI8MHIsEzFO-2CSvi8G86_D_K7_PfNI

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 May 2021 11:44:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3E3F 42 B
64 B 16ms
15ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstbWYQFnkLlAj8XdWUSaqtzPfmcVpmEsPY7bKsor_YK8IfPkcsmnyEjW-bqMDHPuTKYZ6WJ9Fxjlupk_FqX_s2TSfbmK04sWf-udUpXaoynU1ejG2MVVgIdtQcJuQ&sai=AMfl-YRus_Y6wQl0gSu9fM-JtJ63g6-z5TXx46YwlV1zik3ekyAPWP-ftCiVxBAPWIe_njV02jj5HjM4tJvF&sig=Cg0ArKJSzNToBKhFWWbkEAE&id=lidar2&mcvt=1000&p=961,335,1051,1063&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210521&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2046373911&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1621683867464&dlt=312&rpt=40&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 May 2021 11:44:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.criteo.com/	1970-01-19 18:28:07	Name: zdi Value: *1xdfHqWGu9U7qC3ICAVWsow%253d%253d
.criteo.com/	1970-01-20 03:13:39	Name: uid Value: ad46c811-85fd-4824-8597-7b68a57158be
.doubleclick.net/	1970-01-20 03:49:39	Name: IDE Value: AHWqTUlmG2otgiw8tEdWVhGnoGp_8zybe1F4MoeT6-FGUun91R9uMLDJ4pH7aMh3oLY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cas.criteo.com
cat.fr.eu.criteo.com
covid19stickingplaster.com
googleads.g.doubleclick.net
gum.criteo.com
pagead2.googlesyndication.com
ssl.google-analytics.com
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.yesnic.com
yesnic.com
116.126.87.18
178.250.0.145
178.250.0.160
220.230.126.70
27.96.130.131
2a00:1450:4001:802::2002
2a00:1450:4001:802::2004
2a00:1450:4001:803::2001
2a00:1450:4001:809::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a02:2638:1::13
2a02:2638::3
05e695a8f4bd26c3a3092afbd08d40b873b39599d47ce15c281b1b526e934258
0a4e15e0a382cdbfe1d63cbd77a59ce2f67660b54e926fbebc97fe0b7cebf869
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
24fe66dfcc1e4089a66b758e679dd49b90b1c185851e35b30e73fd0ee6b542e2
25a6dce0e2accd827f705712eda9010ca1ad95dba9f0ffd737b949b55535c4a1
2618d563242aacf8282e859c657cf825f6f6c55502213fc0a204b14889d3b134
353f71be527a93616e12f78121d93cc15955d09c372632a13510664d6ff2b538
38706eedb5aea78288db13718cfb66fbf1510331d7df9617b848c98088a37bc0
3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782
3f2d9802d4d18e31ec0b41fc66e7da3c1cd6373d32c515df61ab8c3127956698
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
4df2fd5c8b3681147087fa7506cef9c982c18edf99729a4412e41af2f98fe0b3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ebcb7d7a2bbf4a881f8b5b595bacae9af33e656e99390f90b421351340ee42d
59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070
66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
71ef4835eb4df0a32a0cd973c096e74ae3f7c854ab47fa54324692766f03b855
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
896fc0efbce89ba6f9f8e66159b07accacdb09a73641d074f08263770d8989ab
93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668
984d5020888f5a68ac8976c55f7d313ec0850e90e02356c3be4a3d788ea9d9e0
98a1e2b916326a471dff04d4141dbdbcac0ffd60ed35b7e151c02086f8728f51
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ae5c4982ce7d553e7c3c310ea2264ea7782e6f5dcb90e16e3bae3a915c139ded
c24f56500bf872b49d78667d89a276cce643de788dcc3302734d51710ba542da
c56e0c9317b7d194d6bc681fd7e13ed4058748e4db5e42847425a1890d3e7884
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
d1e591b3dbf6a3062e13ac83cbcf2eb65821ef63b5c838241e60596fbfe11e32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f40bbdbdfc693600cd81d54bbdf62aa4ff129775df7725efb8122d8a8da5f0
eb4fd4f36374000a2e1eba27ad68df0858afe4c6b22df08a604af7f4f997f17a
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef53e194c622cd7a84db30cc5cb77425247798975c19b9a30c7b5a2d1f0df453

covid19stickingplaster.com Open in urlscan Pro 116.126.87.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

41 Requests

98 %HTTPS

71 %IPv6

10 Domains

15 Subdomains

16 IPs

3 Countries

627 kBTransfer

1198 kBSize

3 Cookies

0 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

covid19stickingplaster.com Open in urlscan Pro
116.126.87.18 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

98 %
HTTPS

71 %
IPv6

10
Domains

15
Subdomains

16
IPs

3
Countries

627 kB
Transfer

1198 kB
Size

3
Cookies

41 HTTP transactions
1 data transactions