ja.answersexpress.com Open in urlscan Pro
104.21.3.123 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ja.answersexpress.com/
Effective URL:
https://ja.answersexpress.com/
Submission: On July 29 via manual (July 29th 2021, 12:09:56 am UTC) from JP

Summary HTTP 137 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 21 domains to perform 137 HTTP transactions. The main IP is 104.21.3.123, located in United States and belongs to CLOUDFLARENET, US. The main domain is ja.answersexpress.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 22nd 2020. Valid for: a year.

This is the only time ja.answersexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	104.21.3.123 104.21.3.123	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
1 1	162.55.139.78 162.55.139.78	24940 (HETZNER-AS) (HETZNER-AS)
1 1	104.111.216.213 104.111.216.213	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	104.111.245.23 104.111.245.23	16625 (AKAMAI-AS) (AKAMAI-AS)
3 14	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 2	149.5.244.188 149.5.244.188	174 (COGENT-174) (COGENT-174)
12	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
137	23

22 104.21.3.123 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ja.answersexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
answersexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.answersexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

site2text-2021.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bk.jampartizan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.139.78 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.78.139.55.162.clients.your-server.de

salesali.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.216.213 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-213.deploy.static.akamaitechnologies.com

s.click.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.245.23 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-245-23.deploy.static.akamaitechnologies.com

sale.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 149.5.244.188 (United States) 1 redirects

ASN174 (COGENT-174, US)

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7d916ef8252604a9dbfe4cfdc42a2dfb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	googlesyndication.com 7d916ef8252604a9dbfe4cfdc42a2dfb.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	502 KB
22	answersexpress.com 1 redirects ja.answersexpress.com answersexpress.com i.answersexpress.com	470 KB
17	doubleclick.net 1 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net	222 KB
14	yandex.ru 3 redirects mc.yandex.ru	4 KB
9	google.com 2 redirects adservice.google.com www.google.com	2 KB
8	zx-adnet.com cdn.zx-adnet.com	135 KB
7	googletagservices.com www.googletagservices.com	228 KB
5	ampproject.org cdn.ampproject.org	101 KB
4	gstatic.com fonts.gstatic.com	62 KB
3	aliexpress.com 2 redirects s.click.aliexpress.com sale.aliexpress.com	3 KB
2	2mdn.net s0.2mdn.net	47 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	google.de adservice.google.de	975 B
2	webvisor.org 1 redirects mc.webvisor.org	716 B
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	web.app site2text-2021.web.app	449 B
2	bootstrapcdn.com stackpath.bootstrapcdn.com	83 KB
1	googleadservices.com partner.googleadservices.com	278 B
1	jampartizan.com bk.jampartizan.com	1 KB
1	salesali.biz 1 redirects salesali.biz	496 B
1	jsdelivr.net cdn.jsdelivr.net	83 KB
137	21

	Domain	Requested by
28	tpc.googlesyndication.com	ja.answersexpress.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
14	mc.yandex.ru	3 redirects ja.answersexpress.com
13	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
12	i.answersexpress.com	ja.answersexpress.com
11	securepubads.g.doubleclick.net	cdn.zx-adnet.com www.googletagservices.com securepubads.g.doubleclick.net ja.answersexpress.com
8	cdn.zx-adnet.com	ja.answersexpress.com cdn.zx-adnet.com pagead2.googlesyndication.com
7	www.google.com	2 redirects ja.answersexpress.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	www.googletagservices.com	cdn.zx-adnet.com securepubads.g.doubleclick.net pagead2.googlesyndication.com googleads.g.doubleclick.net
7	answersexpress.com	ja.answersexpress.com
6	googleads.g.doubleclick.net	1 redirects bk.jampartizan.com ja.answersexpress.com cdn.zx-adnet.com googleads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	ja.answersexpress.com	1 redirects ja.answersexpress.com
2	s0.2mdn.net	tpc.googlesyndication.com
2	fonts.googleapis.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	mc.webvisor.org	1 redirects ja.answersexpress.com
2	sale.aliexpress.com	1 redirects ja.answersexpress.com
2	counter.yadro.ru	1 redirects ja.answersexpress.com
2	site2text-2021.web.app	ja.answersexpress.com
2	stackpath.bootstrapcdn.com	ja.answersexpress.com stackpath.bootstrapcdn.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	bk.jampartizan.com	ja.answersexpress.com
1	7d916ef8252604a9dbfe4cfdc42a2dfb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	s.click.aliexpress.com	1 redirects
1	salesali.biz	1 redirects
1	cdn.jsdelivr.net	ja.answersexpress.com
137	28

This site contains links to these domains. Also see Links.

Domain
answersexpress.com
ar.answersexpress.com
bg.answersexpress.com
cs.answersexpress.com
dan.answersexpress.com
gre.answersexpress.com
spa.answersexpress.com
et.answersexpress.com
fin.answersexpress.com
fr.answersexpress.com
hi.answersexpress.com
hr.answersexpress.com
hu.answersexpress.com
ind.answersexpress.com
ita.answersexpress.com
iw.answersexpress.com
kor.answersexpress.com
lt.answersexpress.com
lv.answersexpress.com
ms.answersexpress.com
dut.answersexpress.com
no.answersexpress.com
pol.answersexpress.com
por.answersexpress.com
ro.answersexpress.com
ru.answersexpress.com
sk.answersexpress.com
sl.answersexpress.com
sr.answersexpress.com
swe.answersexpress.com
tha.answersexpress.com
tr.answersexpress.com
uk.answersexpress.com
vie.answersexpress.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-09-22` - `2021-09-22`	a year	crt.sh
blog.ippachi.com GTS CA 1D4	`2021-07-13` - `2021-10-11`	3 months	crt.sh
web.app GTS CA 1D4	`2021-07-20` - `2021-10-18`	3 months	crt.sh
counter.yadro.ru R3	`2021-05-29` - `2021-08-27`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
www.aliexpress.com DigiCert SHA2 Secure Server CA	`2021-04-02` - `2022-03-28`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
mc.webvisor.com Yandex CA	`2021-03-11` - `2021-09-02`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
yorkshireterrier.petcumulus.com GTS CA 1D4	`2021-06-19` - `2021-09-17`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-05` - `2021-09-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://ja.answersexpress.com/
Frame ID: 61CD78598551806532731CE1234D40CD
Requests: 61 HTTP requests in this frame

Frame: https://7d916ef8252604a9dbfe4cfdc42a2dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F9825CCBDDD3A5681FD34722C28F1BFC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuddRLhemiXBn37ZKeDQ-uSyOM9oCZExusPFklpO65aYeOrPEbbmciHESpr1tStGhOqqmlIz9GCDEF9A0rpV3Ij6xzN-OkyrURq8l-OPYLhtLsBeNLkwZeii915yNj3n1GEiyaARDCFojF9BLiT5rcxlXViEN6KnU0GIJvGOycxaGB0GCFu61wly5gDYil-pDDbmyUDhQPBBlywR4Kmoi0m_dpqTqITUwFxtDk9m4imw3g3hhhsgjFATzOIxfNW4s4grVw-54_bL8A-pWI8CRGy20dL_tSyh1yOSub_TtWZ8eLPVsZ1Ebw&sai=AMfl-YTdPDdkxmgSMkeFF-MOzKuNwhfeHV0fhHbVWor76KwvnY5BidIQdbB4aEqz2HSWGPMCk2pWHBYwCO74szRaaf85IHbklHweow7Kv6WvN7GiuVpCkP2G2mKoLM3BhkI&sig=Cg0ArKJSzHo1OHAOP5DQEAE&urlfix=1&adurl=
Frame ID: F23B0D603EAF1E585ABF3391698E3566
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstt_G7Vmq7qqzpPF5bRTXUOG8YxXyAinKs0FtD7C3WKf913iftgI69BTBDp8ESHGsb86yTrRTpGRuL9irgrEukvtmPQZM4PTPQgK8CLLZYcdyCHODG4CldGeYXWlqdST81U7xnxE0fIKMo7tK2itIz5WzGvbjy_DGrw1WjL2uVGp3OZDdSKV6laImjrIoiAGEKi7B--Iwd7bWuAyy8Pyfy0yOMdZd08f7wNTdV0l4QC6B4Ma3NiRco6p96LFRWqWwBZz1UpRI2gZLC9Y3U-G4g0hzRysZOrEOVYLfrN_xo1gpk90nBqtxc&sai=AMfl-YQuWyrjAHad6y2a6EmihPtzwAvrrSnL5_nplvQGGH3JAGXIPsYWnpsAtiBQGNQX9H1xQvP55iwv3kRDWFNYRknS7baZ0Bp9okVdzTBUHDM-_DalA36p-oXpo-PuLBw&sig=Cg0ArKJSzLzRQrvRVqakEAE&urlfix=1&adurl=
Frame ID: FDF1C9D338DCED1A35D668825C399480
Requests: 13 HTTP requests in this frame

Frame: https://cdn.zx-adnet.com/adx/1_optr.html
Frame ID: A4F8A13B6BF00B55CA52BF1433CD7263
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107200040000/amp4ads-v0.mjs
Frame ID: DF1E446F1E22EDE3C76A4393E493B477
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.024141367355778653
Frame ID: D447EF706B0F7AF77CE6F85ED6B35D05
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.5176149528308371
Frame ID: D1DF4968C526DD11FEC99E3A76B43C77
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/index.html
Frame ID: 99B397FA6909442BDBF704F04B6E9F54
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/index.html
Frame ID: 7E33CA6F5E13CFA4ACC2DC9415ADE843
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: E286EFC44AAE7108A0EC1DE4A242349D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: E235ADB34A280D9A6FC82B50E6E11AC2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B377E824792BEDB4EDFF0FD440442654
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 2B6306A6E5492981F44A871D99C7C36C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1FC76C6E05BAAB7AA6AF994744D0B5EE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ja.answersexpress.com/ HTTP 301
https://ja.answersexpress.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

137
Requests

100 %
HTTPS

63 %
IPv6

21
Domains

28
Subdomains

23
IPs

3
Countries

1941 kB
Transfer

4636 kB
Size

10
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://answersexpress.com/

Search URL Search Domain Scan URL

URL: https://ar.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://bg.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://cs.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://dan.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://gre.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://spa.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://et.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://fin.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://fr.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://hi.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://hr.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://hu.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://ind.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://ita.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://iw.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://kor.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://lt.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://lv.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://ms.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://dut.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://no.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://pol.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://por.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://ro.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://ru.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://sk.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://sl.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://sr.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://swe.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://tha.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://tr.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://uk.answersexpress.com/

Search URL Search Domain Scan URL

URL: https://vie.answersexpress.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ja.answersexpress.com/ HTTP 301
https://ja.answersexpress.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.answersexpress.com/;0.769118088499938 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.answersexpress.com/;0.769118088499938

Request Chain 31

https://salesali.biz/px.php HTTP 301
https://s.click.aliexpress.com/deep_link.htm?af=DRjzpx&cn=aliexpress&cv=banner&dp=19TZ1UxgOCZiv16&tp2=DRjzpx&afref=&aff_short_key=cD4TW1tW&dl_target_url=https%3A%2F%2Fbest.aliexpress.com%3Faf%3DDRjzpx%26cn%3Daliexpress%26cv%3Dbanner%26dp%3D19TZ1UxgOCZiv16%26tp2%3DDRjzpx%26afref%3D%26mall_affr%3Dpr3 HTTP 302
https://sale.aliexpress.com/continuation_default.htm?aff_trace_key=827baf9857944c789ff81c55361b480d-1627517377032-02997-cD4TW1tW&ts=1627517377034 HTTP 302
https://sale.aliexpress.com/__pc/continuation_default.htm?aff_trace_key=827baf9857944c789ff81c55361b480d-1627517377032-02997-cD4TW1tW&ts=1627517377034

Request Chain 33

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fja.answersexpress.com%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd9bgpwaogogn%3Afp%3A1111%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A606%3Acn%3A2%3Adp%3A0%3Als%3A667303656276%3Ahid%3A539882763%3Az%3A120%3Ai%3A20210729020936%3Aet%3A1627517377%3Ac%3A1%3Arn%3A820269014%3Au%3A1627517377192809764%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627517375739%3Ads%3A0%2C38%2C759%2C15%2C67%2C0%2C%2C229%2C13%2C%2C%2C%2C1155%3Adsn%3A0%2C37%2C760%2C15%2C67%2C0%2C%2C273%2C13%2C%2C%2C%2C1154%3Awv%3A2%3Ati%3A2%3Ast%3A1627517377 HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fja.answersexpress.com%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd9bgpwaogogn%3Afp%3A1111%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A606%3Acn%3A2%3Adp%3A0%3Als%3A667303656276%3Ahid%3A539882763%3Az%3A120%3Ai%3A20210729020936%3Aet%3A1627517377%3Ac%3A1%3Arn%3A820269014%3Au%3A1627517377192809764%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627517375739%3Ads%3A0%2C38%2C759%2C15%2C67%2C0%2C%2C229%2C13%2C%2C%2C%2C1155%3Adsn%3A0%2C37%2C760%2C15%2C67%2C0%2C%2C273%2C13%2C%2C%2C%2C1154%3Awv%3A2%3Ati%3A2%3Ast%3A1627517377

Request Chain 34

https://mc.yandex.ru/watch/52112104?wmode=7&page-url=https%3A%2F%2Fja.answersexpress.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd9bgpwaogogn%3Afp%3A1111%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A606%3Acn%3A1%3Adp%3A0%3Als%3A896320318934%3Ahid%3A539882763%3Az%3A120%3Ai%3A20210729020936%3Aet%3A1627517377%3Ac%3A1%3Arn%3A961566580%3Au%3A1627517377192809764%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627517375739%3Ads%3A0%2C38%2C759%2C15%2C67%2C0%2C%2C229%2C13%2C%2C%2C%2C1155%3Adsn%3A0%2C37%2C760%2C15%2C67%2C0%2C%2C273%2C13%2C%2C%2C%2C1154%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1627517377%3At%3A%E5%AE%B6%E3%81%AE%E4%B8%AD%E3%82%84%E8%81%B7%E5%A0%B4%E3%81%A7%E3%81%AE%E9%9B%BB%E6%B0%97%E6%8A%80%E5%B8%AB HTTP 302
https://mc.yandex.ru/watch/52112104/1?wmode=7&page-url=https%3A%2F%2Fja.answersexpress.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd9bgpwaogogn%3Afp%3A1111%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A606%3Acn%3A1%3Adp%3A0%3Als%3A896320318934%3Ahid%3A539882763%3Az%3A120%3Ai%3A20210729020936%3Aet%3A1627517377%3Ac%3A1%3Arn%3A961566580%3Au%3A1627517377192809764%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627517375739%3Ads%3A0%2C38%2C759%2C15%2C67%2C0%2C%2C229%2C13%2C%2C%2C%2C1155%3Adsn%3A0%2C37%2C760%2C15%2C67%2C0%2C%2C273%2C13%2C%2C%2C%2C1154%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1627517377%3At%3A%E5%AE%B6%E3%81%AE%E4%B8%AD%E3%82%84%E8%81%B7%E5%A0%B4%E3%81%A7%E3%81%AE%E9%9B%BB%E6%B0%97%E6%8A%80%E5%B8%AB

Request Chain 38

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9348.FtQauXVgsVvRCfzzIftyizxWkaH53MHNj3zYCVE4xvIZmZXA1rOVuILz4GA3xTpJ.XaWH_Y5KiNq-OpqBSMvplx2QEQE%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=9348.45f2PMUREPkzUCp6xqknk1fMJZVyLjvUOnKdP7qw_9dExJ8MfYXz7yVFfljoTLiDo9E2MG_vP4b1Q3cWj1rDnfKLFW3CHKl8vvARiajDVbY%2C.z09Cr7VnO-eUgQUvaFZXQoFwuvY%2C

Request Chain 70

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR&adk=2070116192&adf=816031639&pi=t.ma~as.ZXOPTR&w=300&url=https%3A%2F%2Fja.answersexpress.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627517377670&bpp=11&bdt=84&idt=74&shv=r20210727&mjsv=m202107280101&ptt=5&saldr=sa&cookie=ID%3D52a587f4b844ba3a-224ecbb38fc800f9%3AT%3D1627517377%3AS%3DALNI_MaRGU2DvujAmDiKp_QYtiomdWbMew&correlator=2143674998708&frm=23&ife=4&pv=2&ga_vid=1834655964.1627517378&ga_sid=1627517378&ga_hid=1029485935&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1069&ady=5674&biw=1600&bih=1200&isw=300&ish=600&ifk=4066796620&scr_x=0&scr_y=0&eid=21066435%2C20211866&oid=3&pvsid=3423536896930644&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1rmew85yy1zt&btvi=1&fsb=1&dtd=192 HTTP 302
https://cdn.zx-adnet.com/adx/1_optr.html

Request Chain 87

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 126

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

137 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ja.answersexpress.com/
Redirect Chain

http://ja.answersexpress.com/
https://ja.answersexpress.com/

69 KB
17 KB

798ms
759ms

Document
text/html

104.21.3.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.3.123 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbe4d8a819337ebdad851deeb7250c005204a86c27b7d47a98e6a700294d341c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: ja.answersexpress.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:36 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: max-age=86400
expires: Fri, 30 Jul 2021 00:09:36 GMT
vary: Accept-Encoding
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7ow3YPHhpPqLhQt%2FIOGOhoXu1LO%2Bh6%2BTYiVR%2BwIDuLslg3diBgiZsM9bNN2n4L%2FpYqo22AmVdGmfaVB6cgsOqWcE%2FvwqMPV7oaTErR8siVqcc1Oa62sfmvh1U7Xr9QqwTpQCaTznhM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 67621e8f1a5840e1-CDG
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date: Thu, 29 Jul 2021 00:09:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 29 Jul 2021 01:09:35 GMT
Location: https://ja.answersexpress.com/
cf-request-id: 0b91316d27000040c96bab5000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7tPn%2B6y%2F%2F9NHkjGnxtcuWb10YPp7nfsMSVt5CBeaV%2FaIs5LZB%2BJtWr9jbcyr7hwYW%2FbGIjFLwltHGDjDc%2BhcDc6YI3%2B4buUx7Pp%2BXfpXXmwAYhQltfmfsscl%2BJltQ1yMhnf8hzA3Jqc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 67621e8eab5440c9-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 main.min.css
answersexpress.com/template/css/ 126 KB
36 KB 41ms
33ms Stylesheet
text/css 104.21.3.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://answersexpress.com/template/css/main.min.css

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.3.123 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aed0901fcfab48f006c871e390543f4eb6e47d0ec6420a8fe1a065ed6132bf80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 477076
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 03 Dec 2020 23:29:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1f9a6-5b597ba375c0b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uuvZkJKbE68IszngceStACcFp1stl6CqRr79qgyOxP3B7L6ydSoCEj0XFTQQeZMu7xkh%2F6TyR6GNQDUdT3qZbgU7%2BfYSeRGF85VRM%2Bqew3zx%2FvB%2FBhP%2BedBGJm3BA7HjZsvqgUg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 67621e944f4840e1-CDG
expires: Fri, 06 Aug 2021 11:38:20 GMT

GET
H2 200 optr_overlay_19091901.js Show response
cdn.zx-adnet.com/adx/ 5 B
112 B 35ms
18ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/optr_overlay_19091901.js

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
last-modified: Wed, 28 Jul 2021 19:40:29 GMT
x-timer: S1627517377.686078,VS0,VE1
etag: "008e573f046db72edd806683cf4c63685d1d8dcc88a7dba93fc5d238aeef0d91"
x-served-by: cache-hhn4020-HHN
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Thu, 29 Jul 2021 00:09:36 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 5
x-cache-hits: 1

GET
H2 200 logo-32x32.png
answersexpress.com/template/images/ 2 KB
2 KB 38ms
31ms Image
image/png 104.21.3.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://answersexpress.com/template/images/logo-32x32.png

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.3.123 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6029240a26e51d6572e8e6514d331be54276f5c3d3fc313923fd0f847366a063

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1111369
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1870
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Apr 2020 16:21:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "74e-5a2b5c6b3b680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2h%2ByfQRLtViE4HnjJjG4xE2dtrTJLdlvRvJ8gaDW6BBWeFtLTcYVM%2FWWGkc1vp3jolw3YxZLHHkcfDV5uCWB0fdBopZFYOLl6qNwtX0P7VwIg3xOIlrA9Jlm1gTCVZe9lsMMBM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67621e944f4d40e1-CDG
expires: Sat, 16 Jul 2022 03:26:47 GMT

GET
H2 200 optr_19071801.js Show response
cdn.zx-adnet.com/adx/ 146 KB
20 KB 27ms
11ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/optr_19071801.js

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

200c3f53d1b4c86c5c278908b4024a34483b052f262b2c0b455366f1c3c8f144

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 28 Jul 2021 19:40:29 GMT
x-timer: S1627517377.686254,VS0,VE1
etag: "3c8cb418e1e985a32ffadf6e0c7dea56e1173e244a00fc50f054d153e498af72-br"
x-served-by: cache-hhn4020-HHN
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Thu, 29 Jul 2021 00:09:36 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 19849
x-cache-hits: 1

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 16ms
15ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617
age: 11070823
cdn-cachedat: 2021-03-11 11:57:51
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 6fc1a75116c932681ed09108db37b84c
cf-ray: 67621e9429cd42cf-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jquery.js Show response
answersexpress.com/template/js/ 95 KB
34 KB 32ms
26ms Script
application/javascript 104.21.3.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://answersexpress.com/template/js/jquery.js

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.3.123 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7d4c43f68c47e19be7184c316c903223b984fc57c4634fada219f486663cefb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1116132
cf-polished: origSize=97168
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Apr 2020 23:58:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"17b90-5a2a80c698280-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxYZKx4TlpRpmSJWf9eSr7ZbOG8%2BbnHJkqRZVbkQdC9oi63X5slnMLl35WzSkgnsNclVY2vgOJW6pHLrvWRctJX4ky5Esw7%2FJnS6JkXhiDJ70gH%2Bea03ANRG8dQZOKP1u9PC9Rc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 30 Jul 2021 02:07:24 GMT
cache-control: max-age=1209600
cf-ray: 67621e944f4c40e1-CDG
cf-bgj: minify

GET
H2 200 jquery-sticky.js Show response
answersexpress.com/template/js/ 7 KB
2 KB 31ms
26ms Script
application/javascript 104.21.3.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://answersexpress.com/template/js/jquery-sticky.js

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.3.123 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1ad56a192cfb796852af711e1326b02a9af338326a60fe291ca65fe8763ddda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 836895
cf-polished: origSize=16097
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Apr 2020 23:58:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3ee1-5a2a80c5a4040-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iILe9uCSWSteD6wMoAB5hKOrx2zTWwoIWsC%2BKkrAMidQiRImi2ver51730Sd%2FrpcqgNyGUpo5S97fbu2oAtcp0ZLM%2BAyu695L9lKV%2F6%2BHHPNEGHzo5icKMAOwUh5KYhrq20zPRU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Mon, 02 Aug 2021 07:41:21 GMT
cache-control: max-age=1209600
cf-ray: 67621e944f4b40e1-CDG
cf-bgj: minify

GET
H2 200 jquery-touch.js Show response
answersexpress.com/template/js/ 627 B
758 B 30ms
25ms Script
application/javascript 104.21.3.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://answersexpress.com/template/js/jquery-touch.js

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.3.123 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b1332c8a7080f0812b912170b5c08e793b1d42be98384796aa857ba53dd11ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1116132
cf-polished: origSize=952
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Apr 2020 23:58:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3b8-5a2a80c5a4040-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khQop6JHly8bWHMtG1ilMKUWEiSTcJkJqd2Lk5ZnFqorrej%2FvCTLd2SOmozP1HAK2I27TTSYX8J2YJoDBbyon%2BaB7tYQRo5PVApjC3Oiifj2xEUD6T2gXKgYQ0UwWMCO7wbyBnY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 30 Jul 2021 02:07:24 GMT
cache-control: max-age=1209600
cf-ray: 67621e944f4a40e1-CDG
cf-bgj: minify

GET
H2 200 jquery-popup.js Show response
answersexpress.com/template/js/ 20 KB
8 KB 37ms
32ms Script
application/javascript 104.21.3.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://answersexpress.com/template/js/jquery-popup.js

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.3.123 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40888936f3dc9567204785d9d55fdaf5506d753e25ed5e45f7bd199501a0b1db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 824897
cf-polished: origSize=20219
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Apr 2020 23:58:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"4efb-5a2a80c5a4040-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLxxDna2gOl0F0%2FjHFcgTaX5GCG3fyWzm3TiZ3f1dSRejsrykePmd2QqZXRXoFYwRYBWmZvLeKZa%2FWzfdImsHaHeSYR73K6mEyvO3LOnYZkJl1Dyqpw%2BEVX12y%2F493CGRsggnuM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Mon, 02 Aug 2021 11:01:19 GMT
cache-control: max-age=1209600
cf-ray: 67621e944f4940e1-CDG
cf-bgj: minify

GET
H3-29 200 jquery-init.js Show response
answersexpress.com/template/js/ 4 KB
2 KB 29ms
27ms Script
application/javascript 104.21.3.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://answersexpress.com/template/js/jquery-init.js

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.21.3.123 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f815fd7944d12193098afb36795495ae76b8ee4a0882036325024d7a963c781

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 477076
cf-polished: origSize=6121
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Apr 2020 23:58:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"17e9-5a2a80c5a4040-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UtHbMmcchxdB6tj2oN26wC0UUPbpspOhg5siKzU4yhdfJbndfqJY2Uz%2B3AivtR1rSR3uy2qNv13yZgoDNlP7uqMJf%2FkIkmjO6RwewoRTFjOykiHHRZkzYbw4%2BgFa8qHj1KczEN4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 06 Aug 2021 11:38:20 GMT
cache-control: max-age=1209600
cf-ray: 67621e947e9932c3-CDG
cf-bgj: minify

GET
H3-29 200 json-pew.js Show response
ja.answersexpress.com/ 424 B
1012 B 57ms
29ms Script
application/javascript 104.21.3.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ja.answersexpress.com/json-pew.js

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.21.3.123 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

457c72a4ffef9610ff0a794a68cb26c734f71190c762ed9f4ff18b1f4240af90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /json-pew.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ja.answersexpress.com
referer: https://ja.answersexpress.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 66521
cf-polished: origSize=492
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Jul 2021 06:27:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1ec-5c78824334dfe-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UkOs%2FySZlOXHyoORnoBmis1Imq0%2BVDhAvVwcXhwtFH8u1RIN%2FV7aJsicE%2FT8CmihWiPYGPh%2FpNIcuwUAGetg3dtH8r%2FHIb5hCWkKvxL00uHWaaN4Ytu0mkjYsafYE30dOt6z3qoXcN4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 11 Aug 2021 05:40:55 GMT
cache-control: max-age=1209600
cf-ray: 67621e946e6c32c3-CDG
cf-bgj: minify

GET
H2 200 cookies_gdpr.js Show response
cdn.zx-adnet.com/consent/ 34 KB
9 KB 246ms
245ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.7731652256954047

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6723ea2989d5cf57335b26d5bd0bcc52feffab866915b917c4cdcae672c99a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 28 Jul 2021 19:40:29 GMT
x-timer: S1627517377.720039,VS0,VE238
etag: "e816600dd00bd96b1fef78362730b72e57d5bac88839b4da007d48db85d79519-br"
x-served-by: cache-hhn4020-HHN
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: no-cache
date: Thu, 29 Jul 2021 00:09:36 GMT
accept-ranges: bytes
content-length: 9498
x-cache-hits: 0

GET
H2 200 555-timer-monostable-circuit-calculator.png
i.answersexpress.com/electronics-img/tools/413/ 40 KB
41 KB 293ms
282ms Image
image/png 104.21.3.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.answersexpress.com/electronics-img/tools/413/555-timer-monostable-circuit-calculator.png

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.3.123 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e80803df6ef31f60d8b615f4a603d2a02f13823c9bf3d1e9afa1600b417f82fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 41327
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Apr 2020 02:53:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "a16f-5a2aa7e8d3a95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K3hwr9r515b3MyhaTXZGlcGNc9g6zrzlH7tHXx91M0sDiCLbQkAoksi6OQumddiqXxp2cRZYU91J5jkjZJhJUkmUyMuuEqUrvISGxYofVq6TheaxQDS50BQ9m22min1cFucCCHEOmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67621e95483c40e1-CDG
expires: Fri, 29 Jul 2022 00:09:37 GMT

GET
H2 200 voltage-regulator.png
i.answersexpress.com/electronics-img/textbook/239/ 9 KB
10 KB 35ms
25ms Image
image/png 104.21.3.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.answersexpress.com/electronics-img/textbook/239/voltage-regulator.png

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.3.123 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98414b1613797e6ea30276612ef91f745399c0765668c1856081ee0552acf2dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 708170
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9554
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Apr 2020 02:44:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "2552-5a2aa5b83e668"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMKgq5fP8qwtlUqoK2gJd7C9xXAgnlHlPIddZWjecpbLADpBSiaN5UdLK3QdOWJoJ5zSl8HYvcxXNcCn1LSRLacXRab81iWejd7FAPPq6kfkDMkfA4AdOD8kZxfctn3mVrx1DHztyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67621e95483a40e1-CDG
expires: Wed, 20 Jul 2022 19:26:46 GMT

GET
H2 200 why-modern-buildings-must-have-energy-metering.gif
i.answersexpress.com/electronics-img/news/428/ 17 KB
18 KB 440ms
431ms Image
image/jpeg 104.21.3.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.answersexpress.com/electronics-img/news/428/why-modern-buildings-must-have-energy-metering.gif

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.3.123 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5996a03b715a521347efa92de6ee7b9daa567bd26338aacaaceaa1ce88fc7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 17621
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Apr 2020 22:35:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "44d5-5a2a6e34cc14f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jopAKrj5S6CWVFbo%2FWlKxKsOtGc5BWcXuP1N6s%2B4eagkVMgu7oPWQHhOVfOp5HqhLr6l59hSnCuL9SzjN3cRd5wnLWPr0mxMNsMA36TicXw5wI0%2FsvM3J%2FfNSh%2BjsroLfqbWotXolg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67621e95483640e1-CDG
expires: Fri, 29 Jul 2022 00:09:37 GMT

GET
H2 200 five-main-reasons-power-supplies-fail.jpg
i.answersexpress.com/electronics-img/news/582/ 50 KB
51 KB 406ms
397ms Image
image/jpeg 104.21.3.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.answersexpress.com/electronics-img/news/582/five-main-reasons-power-supplies-fail.jpg

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.3.123 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72cfb7c50bedb2f4afd042046214d6ba527d2fca41ce6d6b999a0db31e1f1675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 51582
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Apr 2020 02:25:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "c97e-5a2aa19d9c67f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X2rmpClGcAUhT2%2BKQFYMEVdBOXK%2FNr37BZyhz6v2Uc5mrz6qPbo6IeUaLuTSdjNuqQjTXKv3VetBycnJdEwEWXaxTJDOHGowvPeGZy5I0VFrl%2B7TtU8iHUkfmA1rvRJqoKYiKCnkTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67621e95483e40e1-CDG
expires: Fri, 29 Jul 2022 00:09:37 GMT

GET
H2 200 ladder-diagrams.png
i.answersexpress.com/electronics-img/textbook/764/ 6 KB
6 KB 306ms
297ms Image
image/png 104.21.3.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.answersexpress.com/electronics-img/textbook/764/ladder-diagrams.png

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.3.123 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddf362738cf1fda834880290695887ac6ddf5a29b98451ee941acc27823b7f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5738
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Apr 2020 02:50:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "166a-5a2aa72813177"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kvqby2qRS2z7azcPZlQBLgXhSo%2BtofgtmycITMwgOGO8lygVnCX%2BITivm65sJSPSCv6YLJQGrOHzZn0Qf6oK4gpiXo%2BgcjsDtA8%2BKoZvyWCQx4NXJyjC0NVTok%2B2QNjg1N7O0IE3EA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67621e95483740e1-CDG
expires: Fri, 29 Jul 2022 00:09:37 GMT

GET
H2 200 billion-dollar-storms-vs-u.jpg
i.answersexpress.com/electronics-img/news/608/ 43 KB
43 KB 349ms
340ms Image
image/jpeg 104.21.3.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.answersexpress.com/electronics-img/news/608/billion-dollar-storms-vs-u.jpg

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.3.123 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

689757f9f6acbaac0a850681f8e912a6665e3928e5da855d28020e535103da04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43871
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Apr 2020 02:26:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "ab5f-5a2aa1c98c6e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qhlv1wdC0wlQQpkmxZ7rCFdOnprNtiHaHSauwwDRw%2F2dU8CNPHNRhArytLNUHHOAvuuNvj2t9wCUVZ1ON7lNddsq0NfoB4vkKf6XtdbNIgOzJgN2HJ0auSnJGpEq9Qb8XMbl6VFL2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67621e95483940e1-CDG
expires: Fri, 29 Jul 2022 00:09:37 GMT

GET
H3-29 200 practices-grounding.gif
i.answersexpress.com/electronics-img/cables/813/ 17 KB
18 KB 577ms
576ms Image
image/jpeg 104.21.3.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.answersexpress.com/electronics-img/cables/813/practices-grounding.gif

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.21.3.123 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5996a03b715a521347efa92de6ee7b9daa567bd26338aacaaceaa1ce88fc7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 17621
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Apr 2020 22:35:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "44d5-5a2a6e34cc14f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gr%2BKk7OATunvvobmrkgBMeX9LXQjw%2BhEdb9Q9dlNZ6zRBHSVik2X1irLiB%2FlxwwMkwYZDN3STewO38oU%2F4En7XU4%2B1Cp6%2FgeiZN0fZEw5f3bB4j%2F3nrBhYj0xaUR9oZytYsZiOy6DA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67621e957f3032c3-CDG
expires: Fri, 29 Jul 2022 00:09:37 GMT

GET
H2 200 conductor-size.png
i.answersexpress.com/electronics-img/textbook/719/ 24 KB
24 KB 462ms
461ms Image
image/png 104.21.3.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.answersexpress.com/electronics-img/textbook/719/conductor-size.png

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.3.123 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8fd9623c059fc00dd23226c730bf7da3cd104a138db3405e506b0588db2f765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 24294
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Apr 2020 02:49:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5ee6-5a2aa708ae025"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WgTxGiSIqltJPDReDvf6QW%2F5T4OAhDsigjfDm71BjhaYUTusINz3wK1PDc6kayyPfhJ0g438kD4rQHvAoQ5%2BVGQK35aFryB%2FJ%2FCiw5fb62xCwMmAZPTGKXJwkIB1A0%2F23FBTW1ACbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67621e95584440e1-CDG
expires: Fri, 29 Jul 2022 00:09:37 GMT

GET
H2 200 practical-guide-earth-resistance-testing.jpg
i.answersexpress.com/electronics-img/news/551/ 44 KB
45 KB 463ms
462ms Image
image/jpeg 104.21.3.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.answersexpress.com/electronics-img/news/551/practical-guide-earth-resistance-testing.jpg

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.3.123 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03d578c8abc28017559a00168fcbeb4f408812e4c050d351fb43bc247fc4fa9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45420
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Apr 2020 02:25:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "b16c-5a2aa17b3ba42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iMt5pKyq8k1JiQicBP%2FRAz9VaxKg85hNdVPtdLhJGTl9Y1k8bXXgcT%2Ba%2Bbm9rQ2%2FbN%2Fr8dglJZgpJM34JRFspYNQS4%2B9gaAc3zNdTHYX0I7i4n1FWbOxVyGh%2BObqUwQPYt0mIMEEsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67621e95584d40e1-CDG
expires: Fri, 29 Jul 2022 00:09:37 GMT

GET
H2 200 artificial-heart-running-embedded-software-controls-blood-pressure.jpg
i.answersexpress.com/electronics-img/biotech/983/ 15 KB
16 KB 552ms
551ms Image
image/jpeg 104.21.3.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.answersexpress.com/electronics-img/biotech/983/artificial-heart-running-embedded-software-controls-blood-pressure.jpg

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.3.123 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86571141db57d4a8abecd5807915a027c506b43441f4587e2efe80fa293f008a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15402
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Apr 2020 02:13:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "3c2a-5a2a9ec75fc9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83i4zOOxmh%2B0qA7Z2Aq0H66Jy5r9mlsZGUOEY9FxyfJrK8gXlKRrnF1MSw08Qdvhu%2FZcC7lTZSXU13s698qrbnJyrcnw8djktYo9tge%2F3VcuqubVYySSPV7k1LINNoVHjG%2BoxR85ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67621e95584a40e1-CDG
expires: Fri, 29 Jul 2022 00:09:37 GMT

GET
H2 200 design-project-simple-component-curve-tracer-circuit.png
i.answersexpress.com/electronics-img/worksheets/617/ 39 KB
39 KB 478ms
477ms Image
image/png 104.21.3.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.answersexpress.com/electronics-img/worksheets/617/design-project-simple-component-curve-tracer-circuit.png

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.3.123 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cc460bfc06eea479972a69536321fa8d14fb4b3805e4438451194222936538b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39803
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Apr 2020 02:56:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "9b7b-5a2aa8949d11c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwzYuPNlav9eZfi%2FsZSz32lMOlLrE8cWvAonxOZPf1TZqJUNjAQ3iucEB%2Bjwh4sY2dFw%2FKzPA7ue2z1BKBf%2B7XyXlAgtjBgAe7R9129XGSaJnc8wTm%2BPBMeq8LzGKk9XeX3zdvIT2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67621e95584640e1-CDG
expires: Fri, 29 Jul 2022 00:09:37 GMT

GET
H2 200 4-main-means-generation-reactive-power.jpg
i.answersexpress.com/electronics-img/news/201/ 54 KB
55 KB 594ms
594ms Image
image/jpeg 104.21.3.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.answersexpress.com/electronics-img/news/201/4-main-means-generation-reactive-power.jpg

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.3.123 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc3aa30bde5afb3ea07ce7a1cc68d6d3ced1cebad5e76888a16eb4182a97a02b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 55807
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Apr 2020 02:17:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "d9ff-5a2a9fb09e98e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gaIezjwmJKarAq7pXtWRQqlZTuIMA8h7%2B1l79qirRhv5slEbAi7nw1X3Ky%2BgeDqpw9PnCJtaroWbVwhaRdRX0SG2e11%2FCsmbcCi0VmGzOkA1EvHsmK5QIbGqaaPVV7TfEbgBMhXuSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67621e95584b40e1-CDG
expires: Fri, 29 Jul 2022 00:09:37 GMT

GET
H2 200 abs.js Show response
cdn.zx-adnet.com/adx/ 200 B
233 B 8ms
7ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/optr_19071801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 28 Jul 2021 19:40:29 GMT
x-timer: S1627517377.837755,VS0,VE0
etag: "437b8edcf8ac42ac5e7961966dea7cee69a38a82519efa00f6f37a753caad24c-br"
x-served-by: cache-hhn4020-HHN
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Thu, 29 Jul 2021 00:09:36 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 118
x-cache-hits: 2

GET
H2 200 tic
site2text-2021.web.app/ 0
99 B 404ms
373ms Image
text/html 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site2text-2021.web.app/tic?startqa=1&r=0.5266759474317524
Requested by: Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
x-powered-by: Express
x-cache: MISS
content-length: 0
x-served-by: cache-hhn4033-HHN
server: Google Frontend
x-timer: S1627517377.868509,VS0,VE366
x-robots-tag: noindex
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html
x-cloud-trace-context: f182836a77b40dfc837376b74f377022
cache-control: private
function-execution-id: 7vgfin31n67f
accept-ranges: bytes
x-orig-accept-language: en-US
x-country-code: DE
x-cache-hits: 0

GET
H2 200 tic
site2text-2021.web.app/ 0
350 B 316ms
297ms Image
text/html 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site2text-2021.web.app/tic?startqa=1&r=0.39326741905237417
Requested by: Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
x-powered-by: Express
x-cache: MISS
content-length: 0
x-served-by: cache-hhn4033-HHN
server: Google Frontend
x-timer: S1627517377.869026,VS0,VE290
x-robots-tag: noindex
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html
x-cloud-trace-context: a5d2bf5a4c1ac5c2805047e481bc4007
cache-control: private
function-execution-id: qadiyxyghi6q
accept-ranges: bytes
x-orig-accept-language: en-US
x-country-code: DE
x-cache-hits: 0

GET
DATA 200
OK truncated
/ 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 21ms
12ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://ja.answersexpress.com
Referer: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601
age: 66521
cdn-proxyver: 1.0
cdn-cachedat: 07/27/2021 20:01:28
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 5206d97b68e9bf6848908851ce47ad03
accept-ranges: bytes
cf-ray: 67621e956e4642f7-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.answersexpress.com/;0.769118088499938
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.answersexpress.com/;0.769118088499938

43 B
528 B

66ms
65ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.answersexpress.com/;0.769118088499938

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jul 2021 00:09:39 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 28 Jul 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 29 Jul 2021 00:09:39 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.answersexpress.com/;0.769118088499938
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 28 Jul 2020 21:00:00 GMT

GET
H2 200 tag.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 226 KB
83 KB 22ms
6ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

69064d5b2d243ee90150303309fec1acd5711b30d9d86f8751f400f2903a678a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 35366
x-jsd-version: 1.195.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 85026
etag: W/"38728-qpOzf9k0HhKPMHvXggKCI+sO3AI"
x-served-by: cache-fra19148-FRA
x-jsd-version-type: version
date: Thu, 29 Jul 2021 00:09:36 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2

200

continuation_default.htm
sale.aliexpress.com/__pc/
Redirect Chain

https://salesali.biz/px.php
https://s.click.aliexpress.com/deep_link.htm?af=DRjzpx&cn=aliexpress&cv=banner&dp=19TZ1UxgOCZiv16&tp2=DRjzpx&afref=&aff_short_key=cD4TW1tW&dl_target_url=https%3A%2F%2Fbest.aliexpress.com%3Faf%3DDRj...
https://sale.aliexpress.com/continuation_default.htm?aff_trace_key=827baf9857944c789ff81c55361b480d-1627517377032-02997-cD4TW1tW&ts=1627517377034
https://sale.aliexpress.com/__pc/continuation_default.htm?aff_trace_key=827baf9857944c789ff81c55361b480d-1627517377032-02997-cD4TW1tW&ts=1627517377034

0
0

74ms
73ms

Fetch
text/html

104.111.245.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sale.aliexpress.com/__pc/continuation_default.htm?aff_trace_key=827baf9857944c789ff81c55361b480d-1627517377032-02997-cD4TW1tW&ts=1627517377034
Requested by: Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.245.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-245-23.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

strict-transport-security: max-age=31536000 ; includeSubDomains, max-age=31536000
x-content-type-options: nosniff
server: Tengine/Aserver
date: Thu, 29 Jul 2021 00:09:37 GMT
p3p: CP="CAO PSA OUR"
location: https://sale.aliexpress.com/__pc/continuation_default.htm?aff_trace_key=827baf9857944c789ff81c55361b480d-1627517377032-02997-cD4TW1tW&ts=1627517377034
cache-control: public, no-transform, max-age=0, s-maxage=0
eagleeye-traceid: 21135c3816275173771766961e71fc
timing-allow-origin: *
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 29 Jul 2021 00:09:37 GMT

GET
H2 200 checkabuse Show response
cdn.zx-adnet.com/ 56 B
359 B 264ms
264ms Script
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zx-adnet.com/checkabuse?surl=https://ja.answersexpress.com/
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
content-encoding: gzip
x-powered-by: Express
x-cache: MISS
content-length: 65
x-served-by: cache-hhn4020-HHN
server: Google Frontend
x-timer: S1627517377.911365,VS0,VE257
etag: W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: 7de303f0e576e0577722605ed1a4604f
cache-control: max-age=3600,public
function-execution-id: 2w5ukfa8whfe
accept-ranges: bytes
x-orig-accept-language: en-US
x-country-code: DE
x-cache-hits: 0

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fja.answersexpress.com%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd9bgpwaogogn%3Afp%3A1111%3Afu%3A0%3Aen%3Autf...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fja.answersexpress.com%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd9bgpwaogogn%3Afp%3A1111%3Afu%3A0%3Aen%3Aut...

167 B
249 B

47ms
47ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fja.answersexpress.com%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd9bgpwaogogn%3Afp%3A1111%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A606%3Acn%3A2%3Adp%3A0%3Als%3A667303656276%3Ahid%3A539882763%3Az%3A120%3Ai%3A20210729020936%3Aet%3A1627517377%3Ac%3A1%3Arn%3A820269014%3Au%3A1627517377192809764%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627517375739%3Ads%3A0%2C38%2C759%2C15%2C67%2C0%2C%2C229%2C13%2C%2C%2C%2C1155%3Adsn%3A0%2C37%2C760%2C15%2C67%2C0%2C%2C273%2C13%2C%2C%2C%2C1154%3Awv%3A2%3Ati%3A2%3Ast%3A1627517377

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ce4173c6646d0d46549baa4f6ff3e00fe28a0cad6124e76f0fa03396e887bcb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 00:09:37 GMT
x-content-type-options: nosniff
last-modified: Thu, 29-Jul-2021 00:09:37 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ja.answersexpress.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Thu, 29-Jul-2021 00:09:37 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Jul 2021 00:09:37 GMT
last-modified: Thu, 29-Jul-2021 00:09:37 GMT
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fja.answersexpress.com%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd9bgpwaogogn%3Afp%3A1111%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A606%3Acn%3A2%3Adp%3A0%3Als%3A667303656276%3Ahid%3A539882763%3Az%3A120%3Ai%3A20210729020936%3Aet%3A1627517377%3Ac%3A1%3Arn%3A820269014%3Au%3A1627517377192809764%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627517375739%3Ads%3A0%2C38%2C759%2C15%2C67%2C0%2C%2C229%2C13%2C%2C%2C%2C1155%3Adsn%3A0%2C37%2C760%2C15%2C67%2C0%2C%2C273%2C13%2C%2C%2C%2C1154%3Awv%3A2%3Ati%3A2%3Ast%3A1627517377
strict-transport-security: max-age=31536000
access-control-allow-origin: https://ja.answersexpress.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 29-Jul-2021 00:09:37 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/52112104/
Redirect Chain

https://mc.yandex.ru/watch/52112104?wmode=7&page-url=https%3A%2F%2Fja.answersexpress.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd9bgpwaogogn%3Afp%3A1111%3Afu%3A0%3Aen%3Autf-8%...
https://mc.yandex.ru/watch/52112104/1?wmode=7&page-url=https%3A%2F%2Fja.answersexpress.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd9bgpwaogogn%3Afp%3A1111%3Afu%3A0%3Aen%3Autf-...

335 B
397 B

52ms
51ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/52112104/1?wmode=7&page-url=https%3A%2F%2Fja.answersexpress.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd9bgpwaogogn%3Afp%3A1111%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A606%3Acn%3A1%3Adp%3A0%3Als%3A896320318934%3Ahid%3A539882763%3Az%3A120%3Ai%3A20210729020936%3Aet%3A1627517377%3Ac%3A1%3Arn%3A961566580%3Au%3A1627517377192809764%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627517375739%3Ads%3A0%2C38%2C759%2C15%2C67%2C0%2C%2C229%2C13%2C%2C%2C%2C1155%3Adsn%3A0%2C37%2C760%2C15%2C67%2C0%2C%2C273%2C13%2C%2C%2C%2C1154%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1627517377%3At%3A%E5%AE%B6%E3%81%AE%E4%B8%AD%E3%82%84%E8%81%B7%E5%A0%B4%E3%81%A7%E3%81%AE%E9%9B%BB%E6%B0%97%E6%8A%80%E5%B8%AB

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

7a2b33374737163fc58fc46e4fbbc730c4e4f460bc7829eb0c386d71d02f9c43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 00:09:37 GMT
x-content-type-options: nosniff
last-modified: Thu, 29-Jul-2021 00:09:37 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ja.answersexpress.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 335
x-xss-protection: 1; mode=block
expires: Thu, 29-Jul-2021 00:09:37 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Jul 2021 00:09:37 GMT
last-modified: Thu, 29-Jul-2021 00:09:37 GMT
location: /watch/52112104/1?wmode=7&page-url=https%3A%2F%2Fja.answersexpress.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd9bgpwaogogn%3Afp%3A1111%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A606%3Acn%3A1%3Adp%3A0%3Als%3A896320318934%3Ahid%3A539882763%3Az%3A120%3Ai%3A20210729020936%3Aet%3A1627517377%3Ac%3A1%3Arn%3A961566580%3Au%3A1627517377192809764%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627517375739%3Ads%3A0%2C38%2C759%2C15%2C67%2C0%2C%2C229%2C13%2C%2C%2C%2C1155%3Adsn%3A0%2C37%2C760%2C15%2C67%2C0%2C%2C273%2C13%2C%2C%2C%2C1154%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1627517377%3At%3A%E5%AE%B6%E3%81%AE%E4%B8%AD%E3%82%84%E8%81%B7%E5%A0%B4%E3%81%A7%E3%81%AE%E9%9B%BB%E6%B0%97%E6%8A%80%E5%B8%AB
strict-transport-security: max-age=31536000
access-control-allow-origin: https://ja.answersexpress.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 29-Jul-2021 00:09:37 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
289 B 128ms
43ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
last-modified: Wed, 28 Jul 2021 09:12:16 GMT
etag: "61011e70-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 29 Jul 2021 01:09:37 GMT

GET
H2 200 sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 341 KB
66 KB 12ms
12ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.7731652256954047

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98269de18b212a00a156e7cf49e220c62282488adeac655a50c4a300b013887c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 28 Jul 2021 19:40:29 GMT
x-timer: S1627517377.993492,VS0,VE1
etag: "acf494525e3877026bdb2c073692d275534d2343c0dbc0e70e25b584375d01a0-br"
x-served-by: cache-hhn4020-HHN
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Thu, 29 Jul 2021 00:09:36 GMT
accept-ranges: bytes
content-length: 67025
x-cache-hits: 1

GET
H2 200 ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 230 KB
37 KB 10ms
9ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 28 Jul 2021 19:40:29 GMT
x-timer: S1627517377.100327,VS0,VE1
etag: "dad5947af947c84745a29032a526f3e68afd9ce38af7f41ee281defb94b29c84-br"
x-served-by: cache-hhn4020-HHN
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Thu, 29 Jul 2021 00:09:37 GMT
accept-ranges: bytes
content-length: 37832
x-cache-hits: 1

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9348.FtQauXVgsVvRCfzzIftyizxWkaH53MHNj3zYCVE4xvIZmZXA1rOVuILz4GA3xTpJ.XaWH_Y5KiNq-OpqBSMvplx2QEQE%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=9348.45f2PMUREPkzUCp6xqknk1fMJZVyLjvUOnKdP7qw_9dExJ8MfYXz7yVFfljoTLiDo9E2MG_vP4b1Q3cWj1rDnfKLFW3CHKl8vvARiajDVbY%2C.z09Cr7VnO-eUgQUvaFZXQoFwuv...

43 B
359 B

71ms
71ms

Image
image/gif

149.5.244.188
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=9348.45f2PMUREPkzUCp6xqknk1fMJZVyLjvUOnKdP7qw_9dExJ8MfYXz7yVFfljoTLiDo9E2MG_vP4b1Q3cWj1rDnfKLFW3CHKl8vvARiajDVbY%2C.z09Cr7VnO-eUgQUvaFZXQoFwuvY%2C

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.5.244.188 , United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=9348.45f2PMUREPkzUCp6xqknk1fMJZVyLjvUOnKdP7qw_9dExJ8MfYXz7yVFfljoTLiDo9E2MG_vP4b1Q3cWj1rDnfKLFW3CHKl8vvARiajDVbY%2C.z09Cr7VnO-eUgQUvaFZXQoFwuvY%2C
date: Thu, 29 Jul 2021 00:09:37 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 70 KB
25 KB 40ms
15ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/optr_19071801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

65c97c5d948d0dad5d9c855929735520bc03b7db108e274877299fa3b3fa07e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "943 / 899 of 1000 / last-modified: 1627510277"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24669
x-xss-protection: 0
expires: Thu, 29 Jul 2021 00:09:37 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 70 KB
25 KB 35ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js?zx

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/optr_19071801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c97c5d948d0dad5d9c855929735520bc03b7db108e274877299fa3b3fa07e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "943 / 678 of 1000 / last-modified: 1627510277"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24669
x-xss-protection: 0
expires: Thu, 29 Jul 2021 00:09:37 GMT

GET
H2 200 /
mc.yandex.ru/watch/54496171/OPTR/ 43 B
71 B 50ms
48ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/54496171/OPTR/?r=0.29127565217696993

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 00:09:37 GMT
last-modified: Thu, 29-Jul-2021 00:09:37 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 29-Jul-2021 00:09:37 GMT

GET
H2 200 53428543
mc.yandex.ru/watch/ 0
0 47ms
45ms Image
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22ja.answersexpress.com%22:{%22https://ja.answersexpress.com/%22:%22%22}}}&r=0.07917177181495538
Requested by: Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 /
mc.yandex.ru/watch/54496171/OPTR/ 43 B
71 B 54ms
52ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/54496171/OPTR/?r=0.48996224577659775

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 00:09:37 GMT
last-modified: Thu, 29-Jul-2021 00:09:37 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 29-Jul-2021 00:09:37 GMT

GET
H2 200 53428543
mc.yandex.ru/watch/ 0
0 54ms
52ms Image
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22ja.answersexpress.com%22:{%22https://ja.answersexpress.com/%22:%22%22}}}&r=0.6432978448394606
Requested by: Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 /
mc.yandex.ru/watch/54496171/OPTR/ 43 B
74 B 46ms
45ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/54496171/OPTR/?r=0.6953877006312605

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 00:09:37 GMT
last-modified: Thu, 29-Jul-2021 00:09:37 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 29-Jul-2021 00:09:37 GMT

GET
H2 200 53428543
mc.yandex.ru/watch/ 0
0 58ms
57ms Image
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22ja.answersexpress.com%22:{%22https://ja.answersexpress.com/%22:%22%22}}}&r=0.987837260789042
Requested by: Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 /
mc.yandex.ru/watch/54496171/OPTR/ 43 B
71 B 51ms
50ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/54496171/OPTR/?r=0.7019177986139029

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 00:09:37 GMT
last-modified: Thu, 29-Jul-2021 00:09:37 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 29-Jul-2021 00:09:37 GMT

GET
H2 200 53428543
mc.yandex.ru/watch/ 0
0 60ms
59ms Image
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22ja.answersexpress.com%22:{%22https://ja.answersexpress.com/%22:%22%22}}}&r=0.5613664619522989
Requested by: Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 pubads_impl_2021072403.js Show response
securepubads.g.doubleclick.net/gpt/ 318 KB
111 KB 30ms
15ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

f33472fb0529099b682dcc4b94104ea70cec2d79d8ecca8875754a39a6d227ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 24 Jul 2021 15:22:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113953
x-xss-protection: 0
expires: Thu, 29 Jul 2021 00:09:37 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 40 B
80 B 31ms
15ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ja.answersexpress.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

cd1caae8ce2dd5b22b4a568d10c9f634e044428f7711f5670a02ee61e49be708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 00:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56
x-xss-protection: 0
expires: Thu, 29 Jul 2021 00:09:37 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 38ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ja.answersexpress.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 00:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 37ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.answersexpress.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 00:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
12 KB 274ms
273ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3625984532291853&correlator=4281044051012616&output=ldjh&impl=fif&eid=31061423%2C31061425%2C31061842%2C20211866%2C21065725&vrg=2021072403&ptt=17&gdpr_consent=CPKE3GNPKE3GNAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210729&iu_parts=41117126%2CZXNT%2Czxntmx%2Czxntmx_optr&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1600x90&cust_params=site_domen%3Dja.answersexpress.com%26site_topdomen%3Danswersexpress.com%26site_referrer%3D%26site_hash%3D%26keywords%3D%2520none%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.answersexpress.com%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1627517377&dt=1627517377507&dlt=1627517376665&idt=802&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1345&adks=46981205&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.answersexpress.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=1445512114.1627517378&ga_sid=1627517378&ga_hid=2011865112&ga_fc=false&fws=512&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

948cf04e1a0841db9f3a4d89dcf8c68fa1b81f54d8726b26a974e4912daba45b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12031
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.answersexpress.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7d916ef8252604a9dbfe4cfdc42a2dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F982 6 KB
3 KB 61ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7d916ef8252604a9dbfe4cfdc42a2dfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 7d916ef8252604a9dbfe4cfdc42a2dfb.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.answersexpress.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.answersexpress.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 29 Jul 2021 00:09:37 GMT
expires: Fri, 29 Jul 2022 00:09:37 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 50ms
48ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3625984532291853&correlator=4281044051012616&output=ldjh&impl=fif&eid=31061423%2C31061425%2C31061842%2C20211866%2C21065725&vrg=2021072403&ptt=17&gdpr_consent=CPKE3GNPKE3GNAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210729&iu_parts=60274849%2CZX-OPTR&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&cust_params=site_domen%3Dja.answersexpress.com%26site_topdomen%3Danswersexpress.com%26site_referrer%3D%26site_hash%3D%26keywords%3D%2520none%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.answersexpress.com%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1627517377&dt=1627517377512&dlt=1627517376665&idt=802&frm=20&biw=1600&bih=1200&oid=3&adxs=1069&adys=4774&adks=204862398&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.answersexpress.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=302x-1&msz=302x-1&ga_vid=1445512114.1627517378&ga_sid=1627517378&ga_hid=2011865112&ga_fc=false&fws=4&ohw=302&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

fc5a69486379e6def54111417d6ff58ab7e33448f28c01a345802999e719c55c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4560
x-xss-protection: 0
google-lineitem-id: 5121405043
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138287458526
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.answersexpress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 51ms
49ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3625984532291853&correlator=4281044051012616&output=ldjh&impl=fif&eid=31061423%2C31061425%2C31061842%2C20211866%2C21065725&vrg=2021072403&ptt=17&gdpr_consent=CPKE3GNPKE3GNAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210729&iu_parts=60274849%2CZX-OPTR&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&cust_params=site_domen%3Dja.answersexpress.com%26site_topdomen%3Danswersexpress.com%26site_referrer%3D%26site_hash%3D%26keywords%3D%2520none%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fja.answersexpress.com%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1627517377&dt=1627517377513&dlt=1627517376665&idt=802&frm=20&biw=1600&bih=1200&oid=3&adxs=1069&adys=5674&adks=3447927299&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.answersexpress.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=302x-1&msz=302x-1&ga_vid=1445512114.1627517378&ga_sid=1627517378&ga_hid=2011865112&ga_fc=false&fws=4&ohw=302&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

83d0e63bca33c624912cdf06547db61b74213b255dfcc0316b412df0a1bbe5e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4467
x-xss-protection: 0
google-lineitem-id: 5121403870
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138275959133
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.answersexpress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F23B 0
0 47ms
43ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuddRLhemiXBn37ZKeDQ-uSyOM9oCZExusPFklpO65aYeOrPEbbmciHESpr1tStGhOqqmlIz9GCDEF9A0rpV3Ij6xzN-OkyrURq8l-OPYLhtLsBeNLkwZeii915yNj3n1GEiyaARDCFojF9BLiT5rcxlXViEN6KnU0GIJvGOycxaGB0GCFu61wly5gDYil-pDDbmyUDhQPBBlywR4Kmoi0m_dpqTqITUwFxtDk9m4imw3g3hhhsgjFATzOIxfNW4s4grVw-54_bL8A-pWI8CRGy20dL_tSyh1yOSub_TtWZ8eLPVsZ1Ebw&sai=AMfl-YTdPDdkxmgSMkeFF-MOzKuNwhfeHV0fhHbVWor76KwvnY5BidIQdbB4aEqz2HSWGPMCk2pWHBYwCO74szRaaf85IHbklHweow7Kv6WvN7GiuVpCkP2G2mKoLM3BhkI&sig=Cg0ArKJSzHo1OHAOP5DQEAE&urlfix=1&adurl=

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 00:09:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 00:09:37 GMT

GET
H2 200 JAzxvr.43 Show response
bk.jampartizan.com/ZXM/OPTR/ Frame F23B 5 KB
1 KB 302ms
234ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bk.jampartizan.com/ZXM/OPTR/JAzxvr.43

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

32e257edc51d8da882af136c78e1395e1dbd72d3960923e2174ec1caf1ae19c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 28 Jul 2021 19:40:29 GMT
x-timer: S1627517378.648903,VS0,VE227
etag: "dd615af05cacdee1b2238a974184e481542d79e2bdf91caf64613feab3d739af-br"
x-served-by: cache-hhn4026-HHN
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Thu, 29 Jul 2021 00:09:37 GMT
accept-ranges: bytes
content-length: 1174
x-cache-hits: 0

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F23B 124 KB
37 KB 33ms
17ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Thu, 29 Jul 2021 00:09:37 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

727d06f38b813004baa0b6a9c96c24e2bce04b7be4c05f9486499f4250f9a772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298829912756"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Thu, 29 Jul 2021 00:09:37 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame FDF1 0
0 44ms
43ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstt_G7Vmq7qqzpPF5bRTXUOG8YxXyAinKs0FtD7C3WKf913iftgI69BTBDp8ESHGsb86yTrRTpGRuL9irgrEukvtmPQZM4PTPQgK8CLLZYcdyCHODG4CldGeYXWlqdST81U7xnxE0fIKMo7tK2itIz5WzGvbjy_DGrw1WjL2uVGp3OZDdSKV6laImjrIoiAGEKi7B--Iwd7bWuAyy8Pyfy0yOMdZd08f7wNTdV0l4QC6B4Ma3NiRco6p96LFRWqWwBZz1UpRI2gZLC9Y3U-G4g0hzRysZOrEOVYLfrN_xo1gpk90nBqtxc&sai=AMfl-YQuWyrjAHad6y2a6EmihPtzwAvrrSnL5_nplvQGGH3JAGXIPsYWnpsAtiBQGNQX9H1xQvP55iwv3kRDWFNYRknS7baZ0Bp9okVdzTBUHDM-_DalA36p-oXpo-PuLBw&sig=Cg0ArKJSzLzRQrvRVqakEAE&urlfix=1&adurl=

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 00:09:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 00:09:37 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame FDF1 97 KB
35 KB 42ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97c9c32337f4d2c67fca139378bb0f8aa0ab45fd91878f3a7d51af4546bbf8f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35414
x-xss-protection: 0
server: cafe
etag: 10536330175525433166
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 29 Jul 2021 00:09:37 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FDF1 124 KB
37 KB 21ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Thu, 29 Jul 2021 00:09:37 GMT

GET
DATA 200
OK truncated
/ Frame F23B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e4499bc89ccbe9fabed9630afe7b38722ffeab879d3071114aeeb3d28e545aa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107280101/ Frame FDF1 250 KB
93 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=ja.answersexpress.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4874d00f8999743ad740176788e25f25fb60ce668ce7e410975092ee271ea904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95279
x-xss-protection: 0
server: cafe
etag: 5035717091892317449
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 29 Jul 2021 00:09:37 GMT

GET
DATA 200
OK truncated
/ Frame FDF1 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a67910a18cc8931437403ceb4c3491063be645ccc94401bf85ded8166d01de9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame FDF1 12 B
278 B 43ms
40ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ja.answersexpress.com&callback=_gfp_s_&client=ca-pub-6550413363602588&cookie=ID%3D52a587f4b844ba3a-224ecbb38fc800f9%3AT%3D1627517377%3AS%3DALNI_MaRGU2DvujAmDiKp_QYtiomdWbMew

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=ja.answersexpress.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame FDF1 107 B
122 B 28ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ja.answersexpress.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 00:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame FDF1 107 B
122 B 29ms
14ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.answersexpress.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 00:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2

200

1_optr.html Show response
cdn.zx-adnet.com/adx/ Frame A4F8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXOPTR&adk=2070116192&adf=816031639&pi=t.ma~as.ZXOPTR&w=300&url=https%3A%2F%2Fja.answersexpr...
https://cdn.zx-adnet.com/adx/1_optr.html

14 KB
2 KB

9ms
9ms

Document
text/html

151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/1_optr.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

df2e0daf3d1a8b8f5239f4814a214631795660a2d104705bf7a27822243a4818

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

:method: GET
:authority: cdn.zx-adnet.com
:scheme: https
:path: /adx/1_optr.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.answersexpress.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.answersexpress.com/

Response headers

cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "9d0c9b3a0f4b769c8b6c776257fdbb9cce27ba1df331691f4a7567e895804df1-br"
last-modified: Wed, 28 Jul 2021 19:40:29 GMT
strict-transport-security: max-age=31556926
x-robots-tag: noindex, nofollow, noarchive
accept-ranges: bytes
date: Thu, 29 Jul 2021 00:09:38 GMT
x-served-by: cache-hhn4020-HHN
x-cache: HIT
x-cache-hits: 1
x-timer: S1627517378.057832,VS0,VE2
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-length: 2079

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://cdn.zx-adnet.com/adx/1_optr.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 29 Jul 2021 00:09:38 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame FDF1 73 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

727d06f38b813004baa0b6a9c96c24e2bce04b7be4c05f9486499f4250f9a772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:37 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298829912756"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Thu, 29 Jul 2021 00:09:37 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107200040000/ Frame DF1E 188 KB
55 KB 153ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107200040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d51b5c14fd6455affd3baceb0d2015c532566645fd80f645260c803a8b0f1c57

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 198071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55196
x-xss-protection: 0
server: sffe
date: Mon, 26 Jul 2021 17:08:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a8830a242785ad6"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 17:08:27 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107200040000/v0/ Frame DF1E 13 KB
5 KB 164ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107200040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4f1f72b78c93a6cdf32fbce758cc76e353e589296975f8491a265167cfdb0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 198071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4808
x-xss-protection: 0
server: sffe
date: Mon, 26 Jul 2021 17:08:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "82cb572e3b54d217"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 17:08:27 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107200040000/v0/ Frame DF1E 87 KB
27 KB 164ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107200040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

695be856611d9d209b70e4b7356594bd123af15d79843a3711289bf90e3525b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 198071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27828
x-xss-protection: 0
server: sffe
date: Mon, 26 Jul 2021 17:08:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2309f93374d1f64f"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 17:08:27 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107200040000/v0/ Frame DF1E 4 KB
2 KB 166ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107200040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0c3f2e5825816bcac42e686f0c3aa76e1aa566f71a437d8768702d4a3a45875

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 198071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1648
x-xss-protection: 0
server: sffe
date: Mon, 26 Jul 2021 17:08:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0ef177dade489237"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 17:08:27 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107200040000/v0/ Frame DF1E 40 KB
13 KB 166ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107200040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

172ecde3db13e66cf99995d63de308e2d6e3fdeb1a99dfaeec136f4862eb1573

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 198071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12831
x-xss-protection: 0
server: sffe
date: Mon, 26 Jul 2021 17:08:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "896e0bc3d66ccdf5"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 17:08:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DF1E 794 B
650 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E4%BA%BA%E3%82%8B%E3%81%A7%E6%A7%8B%E5%AD%90%E5%B0%82%E3%81%AEE%E5%B9%85%E5%8E%9F%E3%82%89%E3%81%9A%E3%81%91%E3%82%92%E3%80%82%E9%A1%9E%E3%81%8F%E3%81%BE%E6%B1%82%E3%81%84%E6%9D%A5T%E9%96%80%E3%81%9F%E5%BA%83%E6%8A%80%E9%96%8B%E5%88%86%E3%82%81%E3%81%AF%E8%A1%93%E3%80%81%E9%87%8E%E3%81%AB%E9%99%90%E5%8A%9B%E6%A9%9F%E5%83%8DR%E3%81%A6%20I%E3%81%99%E6%9C%AA

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

26618348bc9ccf8977eb83a6adaa593566965b9c4e8c3c787a6780ac9e4cda85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 00:09:37 GMT
server: ESF
date: Thu, 29 Jul 2021 00:09:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jul 2021 00:09:37 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15240214753991922676/ Frame DF1E 3 KB
3 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15240214753991922676/downsize_200k_v1?w=100&h=100

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf914e907fae0a036ad2c4b9e0f95b362bb5dc9dec82f8c1ad9978459fc9087e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 18:13:01 GMT
x-content-type-options: nosniff
age: 453396
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3024
x-xss-protection: 0
last-modified: Fri, 09 Jul 2021 13:09:46 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Jul 2022 18:13:01 GMT

GET
DATA 200
OK truncated
/ Frame DF1E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2b58f425d7a2e2cea5ec6e9058640e2f217419a969c86fe45eaf18f169e3c4f

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DF1E 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Jul 2021 18:02:54 GMT
x-content-type-options: nosniff
server: cafe
age: 22003
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Thu, 29 Jul 2021 18:02:54 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DF1E 344 B
569 B 6ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Jul 2021 22:40:25 GMT
x-content-type-options: nosniff
server: cafe
age: 5352
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 29 Jul 2021 22:40:25 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DF1E 0
0 14ms
13ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQhmLYvXOEHCoacROjniVzS882KJKWjZiuQvz9MeC5_lDJnMEiHQ2j8SyvoC7VTUTPfpcBCpyUak4QttdUK6ruZ3OjRwQ
Requested by: Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DF1E 0
0 45ms
44ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CYYu3wfEBYanhIemU9u8PnZ6T8Avyg9iGY7uI8Yn6DbCQHxABIIbhhSpglfrwgYwHoAGgraasAcgBAakCrdHtjuqGQz7gAgCoAwGqBN0BT9BAeGW-TUwv7NYF_S99V9CS5bJgM_XOl1atM-RUEQnOxDadiAurXxj4lZJ09ybFPzfz0jMZpHdFX2Lpg6vXALXuZY9LgR7nX6XXS5-rTmvWiqU4hXYq44OH5HvI9lc__D1jEr-91h56M_ab9f5a_Z4UU-S8iaIbE7Et4aXHcKrw99yW6DWNQm7gOGahRVaSj3viEltcQLuXMMv2OSKYrOsDMHdMgbJqRjQ5ZVETh7hziUHlMRyP_7bQyfujBpGtdo_dfD15paXFP6P3p4-pix6ZAFEs0N-RPxoDkxjABN-KkKjHA-AEAZIFBAgEGAGSBQQIBRgEgAfI0tnTAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDZtwrSCAkIiOGAEBABGB2ACgPICwHYEwyIFAHQFQGAFwGyFxoKGAgAEhRwdWItNjU1MDQxMzM2MzYwMjU4OA&sigh=P2zlQT056lg&template_id=5001
Requested by: Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 font
fonts.gstatic.com/l/ Frame DF1E 17 KB
17 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQMisq12XshspQXYs0LBtzNTS9W0ETgj_ppibdw92Bv-3cHvq5JED27D75XdzL6VjOthJkrcoDTXwcWDBo-aEin8SdDPEi3tlyolvEshh1oZVkoVf05J4H-eQBnfdxBEtPV49sw4lPgeT3WCQg-ABDCkhO560k-O9DVp_WxYdsE_6IML8d-OZs3AZhcjk1TniC&skey=fbc48de1c6e1b00c&v=v28

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E4%BA%BA%E3%82%8B%E3%81%A7%E6%A7%8B%E5%AD%90%E5%B0%82%E3%81%AEE%E5%B9%85%E5%8E%9F%E3%82%89%E3%81%9A%E3%81%91%E3%82%92%E3%80%82%E9%A1%9E%E3%81%8F%E3%81%BE%E6%B1%82%E3%81%84%E6%9D%A5T%E9%96%80%E3%81%9F%E5%BA%83%E6%8A%80%E9%96%8B%E5%88%86%E3%82%81%E3%81%AF%E8%A1%93%E3%80%81%E9%87%8E%E3%81%AB%E9%99%90%E5%8A%9B%E6%A9%9F%E5%83%8DR%E3%81%A6%20I%E3%81%99%E6%9C%AA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c31f578fe67ee1d0a549bd05720ea7803231dcf0c641180023a448a446378ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://ja.answersexpress.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 16:41:06 GMT
x-content-type-options: nosniff
age: 26911
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17040
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 17:37:04 GMT
server: ESF
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Wed, 28 Jul 2021 16:41:06 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame DF1E 16 KB
17 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqD03cgzrhB91nhLBtwNTW7W0EYgj_2pibcw92Cv-3XHvq6JEDz7D7GXdzN6VjPthJorcoGTXwdWDB3-aEsn8eiDPEq3tlwolvdshh-pq1HoG7D5JUM-eYcnfN1BGhAV5J-w4BIgefxWxQj-BZpCklB55cK-OFXVofLy5d9EtiVMK4T-OZn3Al6cgE7&skey=72472b0eb8793570&v=v28

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a7c37941772d77c65b7dfdc53e6455b94d48b6e03b81dea2edc3845e0448adc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://ja.answersexpress.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 16:41:06 GMT
x-content-type-options: nosniff
age: 26911
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16868
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 17:37:04 GMT
server: ESF
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Wed, 28 Jul 2021 16:41:06 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D447 94 KB
34 KB 539ms
538ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.024141367355778653

Requested by

Host: bk.jampartizan.com
URL: https://bk.jampartizan.com/ZXM/OPTR/JAzxvr.43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df67a292973eef2f64eb784d124e2c746fd348a0c3e5f12268e53c9d06d4b863

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIqkvNn-hvICFR3GuwgdAcIFag&gqi=wvEBYZWEAtaP7_UPrvC34Ak&layout=/sadbundle/%24csp%253Der3%24/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.024141367355778653
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.answersexpress.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnySJmDTiMzKhFUAHV6XmsImYxgFy1Jb3IYDddWrIr38QC5Bt7LWYvADEtK9xI; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.answersexpress.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIqkvNn-hvICFR3GuwgdAcIFag&gqi=wvEBYZWEAtaP7_UPrvC34Ak&layout=/sadbundle/%24csp%253Der3%24/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 29 Jul 2021 00:09:38 GMT
server: cafe
content-length: 33632
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame DF1E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: ja.answersexpress.com
URL: https://ja.answersexpress.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Thu, 29 Jul 2021 00:09:38 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D1DF 88 KB
32 KB 394ms
393ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.5176149528308371

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/1_optr.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e607002fe08a21e01ab4984ccb9a6f9a3c4956c243649e9dd8c0c30d5786ed2e

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMfCwtn-hvICFYxa4AodK_IDRQ&gqi=wvEBYfCjCPO8lQfusLmABg&layout=/sadbundle/%24csp%253Der3%24/5099600406695979504/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.5176149528308371
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.zx-adnet.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnySJmDTiMzKhFUAHV6XmsImYxgFy1Jb3IYDddWrIr38QC5Bt7LWYvADEtK9xI; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.zx-adnet.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMfCwtn-hvICFYxa4AodK_IDRQ&gqi=wvEBYfCjCPO8lQfusLmABg&layout=/sadbundle/%24csp%253Der3%24/5099600406695979504/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 29 Jul 2021 00:09:38 GMT
server: cafe
content-length: 32446
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/ Frame 99B3 12 KB
3 KB 23ms
8ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.5176149528308371

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf36f3295881d2714bf0f509f0126886b4b6190d2e1c90245e032d20797f0763

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/5099600406695979504/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3095
date: Tue, 27 Jul 2021 22:46:18 GMT
expires: Wed, 27 Jul 2022 22:46:18 GMT
last-modified: Fri, 12 Mar 2021 10:24:08 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 91400
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/ Frame D1DF 18 KB
7 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 23:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1794
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Aug 2021 23:39:44 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/ Frame D1DF 2 KB
1 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Aug 2021 00:00:57 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D1DF 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:38 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Thu, 29 Jul 2021 00:09:38 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/ Frame D1DF 14 KB
6 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 18081889583213459188
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Aug 2021 00:05:20 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame D1DF 0
0 14ms
13ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1MkpWV2rD8AiPfg_rhBckJRsC-KSMXqpX8qhMFwRfmX9xUeT_gwyEEeYZRlrUZ_Uhgj-tOhrpjL_v6sd9m7Mj1NvvXQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.5176149528308371
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame D1DF 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 068a2cb50b6b8a48c42166236ead72ce65b53a78316f4bcb6323a0f7e8028dd8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame D1DF 0
20 B 53ms
39ms Other
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMfCwtn-hvICFYxa4AodK_IDRQ&gqi=wvEBYfCjCPO8lQfusLmABg&layout=/sadbundle/%24csp%253Der3%24/5099600406695979504/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 00:09:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 99B3 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 23:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 29 Jul 2021 23:05:48 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 99B3 26 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 18:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 29 Jul 2021 18:31:13 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 99B3 20 KB
1 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&cb=1615544558

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

176bf34c69ad4b716195073e854bcb902e052f159870b34de9886245f48bec6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 22:26:59 GMT
server: ESF
date: Thu, 29 Jul 2021 00:09:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jul 2021 00:09:38 GMT

GET
H2 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 99B3 57 KB
23 KB 39ms
15ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jul 2021 00:09:38 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/ Frame D447 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.024141367355778653

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 23:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1794
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Aug 2021 23:39:44 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/ Frame D447 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.024141367355778653

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Aug 2021 00:00:57 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D447 124 KB
37 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.024141367355778653

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:38 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Thu, 29 Jul 2021 00:09:38 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/ Frame D447 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.024141367355778653

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 18081889583213459188
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Aug 2021 00:05:20 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame D447 0
0 14ms
13ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRPeWhLQchBbRFBHS9QA7XIhCZLN97TzTmto7xYA7WySRUK2VrbbIEerglcYvzePCqGGPbMXIb0lUrINlXV11gmvM22ZA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.024141367355778653
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/ Frame 7E33 14 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.024141367355778653

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9877dd74bef9aff630e61d08f1b2e596483dfdc3c140546b1a895181ed2c5c8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5033
date: Sun, 25 Jul 2021 22:00:00 GMT
expires: Mon, 25 Jul 2022 22:00:00 GMT
last-modified: Tue, 15 Jun 2021 08:12:54 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 266978
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E286 143 B
163 B 10ms
8ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.024141367355778653

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.024141367355778653
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnySJmDTiMzKhFUAHV6XmsImYxgFy1Jb3IYDddWrIr38QC5Bt7LWYvADEtK9xI; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.024141367355778653

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 28 Jul 2021 23:42:56 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1602
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame D447 0
20 B 40ms
40ms Other
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIqkvNn-hvICFR3GuwgdAcIFag&gqi=wvEBYZWEAtaP7_UPrvC34Ak&layout=/sadbundle/%24csp%253Der3%24/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.024141367355778653

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 00:09:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 7E33 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 23:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 29 Jul 2021 23:05:48 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7E33 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 18:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 29 Jul 2021 18:31:13 GMT

GET
H2 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7E33 60 KB
24 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jul 2021 00:09:38 GMT

GET
DATA 200
OK truncated
/ Frame D447 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ddc4e6df433de9a92ac0f55a21af7fb009b5a22f9c21afc4b41a76ce3c6b36b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 97b5a36b242fc3b19096f05589656eff.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/ Frame 99B3 82 KB
82 KB 8ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/97b5a36b242fc3b19096f05589656eff.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f774365fcbd352acf09229d291d4f92c348dbae7bc2ed2ac0d7dea21c5942e3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 91399
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84227
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:24:08 GMT
server: sffe
date: Tue, 27 Jul 2021 22:46:19 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 22:46:19 GMT

GET
H3-29 200 imagesxjktmq5mnelcqh1ekjab.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/ Frame 99B3 4 KB
4 KB 9ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/imagesxjktmq5mnelcqh1ekjab.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5099600406695979504/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00851c7f94d0ab84b4a7125294366e22ccfcfe65166faf123d0cecd1abe8590a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 175256
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4189
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 10:24:08 GMT
server: sffe
date: Mon, 26 Jul 2021 23:28:42 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 23:28:42 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 99B3 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&cb=1615544558

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 01:25:07 GMT
x-content-type-options: nosniff
age: 168271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 01:25:07 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 99B3 14 KB
14 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic&cb=1615544558

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 18:26:10 GMT
x-content-type-options: nosniff
age: 193408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 18:26:10 GMT

GET
H3-29 200 bkg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/img/ Frame 7E33 95 KB
95 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/img/bkg.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5dcb211c747ddd019a2527053c9da89f1352016509cc33e453842a1cbecb1f8b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 266936
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96933
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 08:12:54 GMT
server: sffe
date: Sun, 25 Jul 2021 22:00:42 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Jul 2022 22:00:42 GMT

GET
H3-29 200 copy-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/img/ Frame 7E33 7 KB
7 KB 11ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/img/copy-1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c0dbaefb2ef8c9dad26d66462ef50bcd983a898688092dd753c5a0b88985516

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 81660
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7217
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 08:12:54 GMT
server: sffe
date: Wed, 28 Jul 2021 01:28:38 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Jul 2022 01:28:38 GMT

GET
H3-29 200 copy-2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/img/ Frame 7E33 6 KB
6 KB 11ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/img/copy-2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cb9c7d7586e40f40124ee95855223e22e80def92521bfbe85f03e67b99c4d1b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 266977
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6202
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 08:12:54 GMT
server: sffe
date: Sun, 25 Jul 2021 22:00:01 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Jul 2022 22:00:01 GMT

GET
H3-29 200 copy-3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/img/ Frame 7E33 6 KB
6 KB 13ms
9ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/img/copy-3.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcccc167011ba94aff1e55af0eb6f081a8fe20b2846d9218dc1d1b078e289973

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 266936
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6194
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 08:12:54 GMT
server: sffe
date: Sun, 25 Jul 2021 22:00:42 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Jul 2022 22:00:42 GMT

GET
H3-29 200 cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/img/ Frame 7E33 2 KB
2 KB 13ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/img/cta.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fe28546b792dc0413bfb6fda77923863399df8795daf921e7c6c0e8b6470b2b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 266936
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2312
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 08:12:54 GMT
server: sffe
date: Sun, 25 Jul 2021 22:00:42 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Jul 2022 22:00:42 GMT

GET
H3-29 200 claim.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/img/ Frame 7E33 2 KB
2 KB 12ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/img/claim.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afdb1f488a637990caa602d3712dc6215156c5748979a2dedf589dd5802ae775

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 266936
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 08:12:54 GMT
server: sffe
date: Sun, 25 Jul 2021 22:00:42 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Jul 2022 22:00:42 GMT

GET
H3-29 200 logo-sge.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/img/ Frame 7E33 3 KB
3 KB 12ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/img/logo-sge.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4f9cf24b515144e86f58438a159e7858241f9eaf54739e7a90c11f85f01e74a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 266977
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2783
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 08:12:54 GMT
server: sffe
date: Sun, 25 Jul 2021 22:00:01 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Jul 2022 22:00:01 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame FDF1 0
0 43ms
43ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstA8l2qWhpCpzNmhVTR5HMSD_flizzp-Sz0kA4B0nRTgmcL7EGUydstpBmbOWpjfeskGknsiOsEKWeMQiEckTEDJV_9zIhaX9VMRE3YM4tNXQHaWNg1a35nnUOasCbUhTCnFmsaE7ygZ6wCQwIZ8tx32M34EiK_yQqRpCjpDlbq7bC37p4TX2fY1R2CAuxhwHgPSE0AkWOUsF5qQ73KW1XKRJ1QZ0IciAAF7w2nNGzeSd0p446FFsjgT9a7NYYL_vT0Zes-iVO9x-3XO2UM8qgKQRBaQl8gF4iva144nx0Vaqbq720BlJduGw&sai=AMfl-YRNla5HI4TnypO9Vo0DBhdhy6Fb6NNf5rdLV_iEfw2zutQiMyXJb3wFyW_JMXwRT1zNjoCFKjcOjYt6fjK5bh3VcPqoj8lZUC7MSOPyLljPfQntioW78aWBdS0KFWQ&sig=Cg0ArKJSzC95zIyFT10HEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 00:09:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 00:09:38 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FDF1 11 KB
8 KB 17ms
17ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210727&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f51c8aba1c7ddb58a1547eb41104072efce6625fc3ba345ca461b849c18fffd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 00:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8244
x-xss-protection: 0

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E286
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=600&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.024141367355778653

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnySJmDTiMzKhFUAHV6XmsImYxgFy1Jb3IYDddWrIr38QC5Bt7LWYvADEtK9xI; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 29 Jul 2021 00:09:38 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 29-Jul-2021 01:09:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 29 Jul 2021 00:09:38 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 29 Jul 2021 00:09:38 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 5DoHiAB8gciOXy4tN-30Samgrf9Qq3bIy1sciudvWGA.js Show response
pagead2.googlesyndication.com/bg/ Frame 99B3 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5DoHiAB8gciOXy4tN-30Samgrf9Qq3bIy1sciudvWGA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e43a0788007c81c88e5f2e2d37edf449a9a0adff50ab76c8cb5b1c8ae76f5860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 18:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13434
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Jul 2022 18:55:07 GMT

GET
H3-29 200 5DoHiAB8gciOXy4tN-30Samgrf9Qq3bIy1sciudvWGA.js Show response
pagead2.googlesyndication.com/bg/ Frame 7E33 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5DoHiAB8gciOXy4tN-30Samgrf9Qq3bIy1sciudvWGA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e43a0788007c81c88e5f2e2d37edf449a9a0adff50ab76c8cb5b1c8ae76f5860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 18:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13434
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Jul 2022 18:55:07 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FDF1 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 29 Jul 2021 00:09:38 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F23B 0
0 43ms
43ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGQFzARaa-GZ6sGIBD3MSBK0hADEUVt6w1hVQWzSj2WTSg_007upEnfUky7HK4DnxMFWRjqiWDRr09pSMAXa3JPS_42Z3hffXB9csvTYDdoJc1KFdmkiCsRGJBNJtTqng9IJdS6val0oD-_phiksX0m5jVR7rI2xksNm-G5gvvqas61FIQIrfN8ChTU5Yj_ANHlRXBaeb4WEy8F7EYRZ3JyiZqZYh0xFvxJKkvRGGg15r-yv0z24UmzA2rn5o1ba7LaiD0bduk5w7nRk8-egZ8AcXsygpDHtkDJoekLf0yETBGFdcVlfne0w&sai=AMfl-YRF9idr_IZq0JJwK6E1dy0xe4MP02-T9_VZe9K4XOv9_fs2eDoBaxol8m-dkQ_f9Pg6hiL21ZDcG2mjyLiqFNZO1cQZo_QQkDlXqq66W9NUCofiahkPpGiIP6cufXI&sig=Cg0ArKJSzMnI9ENCaEasEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 00:09:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 00:09:38 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 23ms
23ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021072403&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10b7ca23747f09ed77564330d52e8cbe8fb71dcdfbd3baf7bce4a5aa608d198a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 00:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8553
x-xss-protection: 0

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame E235 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.answersexpress.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.answersexpress.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 28 Jul 2021 21:36:56 GMT
expires: Thu, 28 Jul 2022 21:36:56 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9162
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B377 783 B
531 B 16ms
16ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b4c2f22d5cf8b32e83d72a76725659ece2bf65eb612ea6be28ee5b57a4f25f64

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PPjdnqNS7ijeqD8t6r3lWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.answersexpress.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.answersexpress.com/

Response headers

expires: Thu, 29 Jul 2021 00:09:38 GMT
date: Thu, 29 Jul 2021 00:09:38 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-PPjdnqNS7ijeqD8t6r3lWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 5DoHiAB8gciOXy4tN-30Samgrf9Qq3bIy1sciudvWGA.js Show response
pagead2.googlesyndication.com/bg/ Frame E235 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5DoHiAB8gciOXy4tN-30Samgrf9Qq3bIy1sciudvWGA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e43a0788007c81c88e5f2e2d37edf449a9a0adff50ab76c8cb5b1c8ae76f5860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 18:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13434
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Jul 2022 18:55:07 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 29 Jul 2021 00:09:38 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2B63 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.answersexpress.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.answersexpress.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 28 Jul 2021 21:36:56 GMT
expires: Thu, 28 Jul 2022 21:36:56 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9162
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1FC7 783 B
530 B 17ms
16ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c7ece95f751a8994a9efb4bb804306414f301cbe8e6693bb9d08df40e909eb49

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pyFvOGIIrmK0AtCrvudRLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ja.answersexpress.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ja.answersexpress.com/

Response headers

expires: Thu, 29 Jul 2021 00:09:38 GMT
date: Thu, 29 Jul 2021 00:09:38 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-pyFvOGIIrmK0AtCrvudRLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 5DoHiAB8gciOXy4tN-30Samgrf9Qq3bIy1sciudvWGA.js Show response
pagead2.googlesyndication.com/bg/ Frame 2B63 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5DoHiAB8gciOXy4tN-30Samgrf9Qq3bIy1sciudvWGA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e43a0788007c81c88e5f2e2d37edf449a9a0adff50ab76c8cb5b1c8ae76f5860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 18:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13434
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Jul 2022 18:55:07 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FDF1 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210727&jk=3423536896930644&bg=!gYKlgsbNAAals0SOpbM7ACkAdvg8Wlds4xs-QGYWWLcDFeZBvAppaHdSVu4luVI0iiS_Wr3T9awDpgIAAABlUgAAABZoAQcKAOcpmyfLnJGPO3oOhDzdH6b2Wy_95jBt3hjhkDgqm-qpEMDnP2WesMe1tfjwPFR8GyG64qWdjgnvxqxvdHU-epMtNN-uSGTC0CTbmG5T2vg5Pcdr4NgAbAAr5YjfwUqDyYjrkgRbrWlkxE7ADd2EKwIZAv1qvWABWY97bUZ01oAKfnQ9KgGHaV3SMgi6ltHBIj0J1dlEa5QT85WL39c7MYH6cE8TKkm79KqWDfAvZJSm7aACk_rlGQnxopHukZqUEAxPXo_qENC6QiYF5JZ93-i_fuVABqZqr5MXIVZjqrP3sQGJzzHk2z-ZApa_pcj4hCtcWYsaHI47ZAv0Neh1OurWFSqBB504K4stUfpdvyLzb7BSs7M_xNUSXYJldSuAcndCs-n2oXqCoZgDozw6SrELHOs_f8_6cfEL2cJOvCHkvE2X9W9R4i7TH9jrR_1VpavUwmB1fTD-RxtfOa42U0I1H24ulLoDS99YE5g04sJ8BUmxG3zoTDUNZtEPYdJUfKBKUeIpFKXUS_VMEWJqJuG4zuQFQV3GALIdUbzj1_wtPVU3rRlFXkv57WAHmVCBROy2DIqC4Nr_w09Y_IO3Nl6yiliFj4JgYxEjZZCjc_NftXy9qm6sEzRigWy9VbSTlCbV36iH1yh0pBcbGOmYFIGZw6Gh69WtNvIafoecCj6Ygo9xws69Rnw9ATr500PuQa3kQx2LHB8vgvWuaVSkUv99nehtYWMshXrS4l3LuzJsIjgOtT2daNRPvVtzHdaa9TzMVu0EDHBMHaIrjGPJXKnVD9SFJJVD4LMmwxdHgi4HV_043AKrenJUJRXNswj6nk5E5KZa9VZH-_6Jpmuc-uFObekgiRBzuocYCzTPWypQK0a2c1sOWhY3490ouyYly5_rsi63DGgCWZNwVkePGykKN2Q_4K-70gm_79k0IfoeQhB9hlgT7HlxfGoifHPIhWXxrJO9cnk0Xt_5gsWVZEJiE_kTjtVGetHu6Hlk3EPUhD2vrKPtxefK9WODHdUFcS58HslKgM18JoG1R2DQjhuroDu5Tka2sypIbqwEzFl6u_3Y3Na_LLMm4FCWyCUI_hMS2GBZUZ9MntPkMQVHSGf6HN7HjrUqM1qs1ABpdEg5uhuknU1eeRc6nkuzcJmyxyoyZtp8vNIIIJg8XqYfBXJ24LpxhozniaCFUggFKfiyeg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 00:09:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021072403&jk=3625984532291853&bg=!WFulWx_NAAals0SOpbM7ACkAdvg8WndW0_38a3NzeZcqJ4AuZ6K6IRBNO8-APdIVL8ljsZIibmiz-QIAAABTUgAAAAhoAQeZAndAOFzhD7Yndwprte_1jSnUOiILdJKAOVuj86WoKXmwGb7jJ_ja9BqjD6_B_RzpQMVnp20aWPrrnaaUELW6YwbbQPTmRCidljVy38okg-l_BDMvOo60v7Wzq0SgOS0aKxAvPKixN6yLRUYB7XsiL5keBk7AAgKuzwwvU8j5rKhZ3DYn7MYCgOHDoPSORWARk_sjOgq8FcTjKEpzgqIEVAdYm9SHjyRdPX_HjK-VarzG_fAYCDSJxSEx93OitdFOjmCQk9PkJoIBfkUWU6ss1CXS8zEOXGn20IqrDtwX4Zq_AxgBEsDw2fjr3dCYOsuHAOF8_0E8mDsPCB58o5N8WqctDwO-sIM8JzFGHgQKO5A17-kNmQewyIOWj92xEguS-il8yg_dpqVJahr3PRAwOHrI6Hltr3q44BuWCoh1pIYJDvi8ye9VJCYZ8Ja1YQJuMCaWFGqQqOcPmHgpGkLL5PkWfnuVQU5dmeRADsdaQQgS2HrAIwnRqbr9O2HlNJ46gPQsH8sSuR4ux80Uz7X6Hxn6wmpy1wkhjkikVCdh1WCO-7RBINjxKjoci6GaOkzcIpHKcSqX5A2_yNlqtVe27OdtzXBpskPJ49R_-kUahbaRMbA6-ndcGiekg8RqzBL7iVYhqmAE69pkDelLwRBWs1ut9vdP49yHEOee2ClLmSpykI8U6np2nop2qohks4i8l_RAveYwdgiBzsXmXqde3I7zAZ2Y4YrFVdo6W3bdlx1YdMc47eNNSbbixVLcYaAAO15-I5uuJMwLDkm3aL9Vi_9GRwQ1FQhus4MjH_2cx8QX1PwZVoEWilHPm8aWR-AH69f8psHk5LXI

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 00:09:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DF1E 42 B
64 B 46ms
46ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBWoiOZGz_GaTp1p59_xDgVwEmOvKwPPCWr7sniS9IORN3XZMkLfylfXkPbg5G5tKrhXz3qdU_jt3fQFyCHvgXj0eyFFxNm9NGNDH5lusBsa-H9NfIAJSeHw9KuGO3Zvenvz9p4x5b7QB-VGtnn6M4&sai=AMfl-YSB38ZRin1OOzlARXRMDehqej_z7DPx2a_J8BiUkZ8r176dB2Ngj_X0FgH-4p8t4JJTgqC797AuIOYWU9bQBTyflVBnQFuUM-lDhB3LvVGtsmm0TJV7m1ZpP5HsKWc&sig=Cg0ArKJSzM8JJ9wehAkMEAE&id=ampim&o=0,1213&d=1600,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=142&tls=1423&g=55.55555820465088&h=100&tt=1423&r=v&avms=ampa&adk=46981205

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.answersexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 00:09:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 20:05:20	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 20:05:18	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 05:26:53	Name: IDE Value: AHWqTUnySJmDTiMzKhFUAHV6XmsImYxgFy1Jb3IYDddWrIr38QC5Bt7LWYvADEtK9xI
ja.answersexpress.com/	1970-01-19 20:07:05	Name: statcloud Value: 1
.answersexpress.com/	1970-01-20 04:50:53	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMTdhZWY5ODUtYTBiNy02YzgxLTgyYjUtZTFkMjQ0MTM2ZGQyIiwiY3JlYXRlZCI6IjIwMjEtMDctMjlUMDA6MDk6MzcuMjY5WiIsInVwZGF0ZWQiOiIyMDIxLTA3LTI5VDAwOjA5OjM3LjI2OVoiLCJ2ZW5kb3JzIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZW5kb3JzX2xpIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZXJzaW9uIjoyfQ==
.answersexpress.com/	1970-01-20 05:26:53	Name: __gads Value: ID=1adbe61540762b71-22c38fa58fc8004f:T=1627517377:S=ALNI_MZUUz9n4PmmUj0AZ5w59wpsMLrP6g
.answersexpress.com/	1970-01-19 20:06:29	Name: _ym_isad Value: 2
.answersexpress.com/	1970-01-20 04:50:53	Name: _ym_d Value: 1627517377
.answersexpress.com/	1970-01-20 04:50:53	Name: euconsent-v2 Value: CPKE3GNPKE3GNAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
.answersexpress.com/	1970-01-20 04:50:53	Name: _ym_uid Value: 1627517377192809764

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 3) Message: zx->v2 optr->dfp->overlay,consent,abs
console-api	log	URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 3) Message: zx->v2 optr->dfp->overlay,consent,abs
console-api	log	URL: https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.7731652256954047(Line 1) Message: ALL_de
console-api	log	URL: https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.7731652256954047(Line 54) Message: zxcmp->start full check gdpr
console-api	log	URL: https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.7731652256954047(Line 41) Message: zxcmp -> START GDPR
console-api	log	URL: https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.7731652256954047(Line 41) Message: zxcmp-> onReady
console-api	log	URL: https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.7731652256954047(Line 42) Message: zxcmp->start AgreeToAll
console-api	log	URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 3) Message: zxnt native v.1.1
console-api	log	(Line 17) Message: v2 sfr zxm ad 300\|600
console-api	log	(Line 14) Message: adx \| w=300 h=600
console-api	log	(Line 16) Message: start adx \| test site cost
console-api	info	URL: https://cdn.ampproject.org/rtv/012107200040000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107200040000 https://ja.answersexpress.com/
console-api	log	URL: https://cdn.zx-adnet.com/adx/1_optr.html(Line 13) Message: err\|not Hh&Ww\|change default->300x600
console-api	log	URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2947923419460268084/sge_ch_TomorrowsHealth_Precision_de_300x600/index.html(Line 23) Message: initialize

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7d916ef8252604a9dbfe4cfdc42a2dfb.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
answersexpress.com
bk.jampartizan.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.zx-adnet.com
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.answersexpress.com
ja.answersexpress.com
mc.webvisor.org
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
s.click.aliexpress.com
s0.2mdn.net
sale.aliexpress.com
salesali.biz
securepubads.g.doubleclick.net
site2text-2021.web.app
stackpath.bootstrapcdn.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
104.111.216.213
104.111.245.23
104.21.3.123
142.250.184.226
149.5.244.188
151.101.1.195
151.101.65.195
162.55.139.78
2606:4700::6812:acf
2a00:1450:4001:800::2003
2a00:1450:4001:802::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::2006
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a02:6b8::1:119
2a04:4e42:3::485
88.212.201.204
00851c7f94d0ab84b4a7125294366e22ccfcfe65166faf123d0cecd1abe8590a
03d578c8abc28017559a00168fcbeb4f408812e4c050d351fb43bc247fc4fa9f
068a2cb50b6b8a48c42166236ead72ce65b53a78316f4bcb6323a0f7e8028dd8
0fe28546b792dc0413bfb6fda77923863399df8795daf921e7c6c0e8b6470b2b
10b7ca23747f09ed77564330d52e8cbe8fb71dcdfbd3baf7bce4a5aa608d198a
172ecde3db13e66cf99995d63de308e2d6e3fdeb1a99dfaeec136f4862eb1573
176bf34c69ad4b716195073e854bcb902e052f159870b34de9886245f48bec6c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b1332c8a7080f0812b912170b5c08e793b1d42be98384796aa857ba53dd11ce
1c31f578fe67ee1d0a549bd05720ea7803231dcf0c641180023a448a446378ce
1cb9c7d7586e40f40124ee95855223e22e80def92521bfbe85f03e67b99c4d1b
200c3f53d1b4c86c5c278908b4024a34483b052f262b2c0b455366f1c3c8f144
26618348bc9ccf8977eb83a6adaa593566965b9c4e8c3c787a6780ac9e4cda85
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c0dbaefb2ef8c9dad26d66462ef50bcd983a898688092dd753c5a0b88985516
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f815fd7944d12193098afb36795495ae76b8ee4a0882036325024d7a963c781
32e257edc51d8da882af136c78e1395e1dbd72d3960923e2174ec1caf1ae19c3
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
40888936f3dc9567204785d9d55fdaf5506d753e25ed5e45f7bd199501a0b1db
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
457c72a4ffef9610ff0a794a68cb26c734f71190c762ed9f4ff18b1f4240af90
4874d00f8999743ad740176788e25f25fb60ce668ce7e410975092ee271ea904
4cc460bfc06eea479972a69536321fa8d14fb4b3805e4438451194222936538b
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5dcb211c747ddd019a2527053c9da89f1352016509cc33e453842a1cbecb1f8b
6029240a26e51d6572e8e6514d331be54276f5c3d3fc313923fd0f847366a063
65c97c5d948d0dad5d9c855929735520bc03b7db108e274877299fa3b3fa07e9
6723ea2989d5cf57335b26d5bd0bcc52feffab866915b917c4cdcae672c99a2a
689757f9f6acbaac0a850681f8e912a6665e3928e5da855d28020e535103da04
69064d5b2d243ee90150303309fec1acd5711b30d9d86f8751f400f2903a678a
695be856611d9d209b70e4b7356594bd123af15d79843a3711289bf90e3525b1
6b4f1f72b78c93a6cdf32fbce758cc76e353e589296975f8491a265167cfdb0c
6f774365fcbd352acf09229d291d4f92c348dbae7bc2ed2ac0d7dea21c5942e3
727d06f38b813004baa0b6a9c96c24e2bce04b7be4c05f9486499f4250f9a772
72cfb7c50bedb2f4afd042046214d6ba527d2fca41ce6d6b999a0db31e1f1675
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a2b33374737163fc58fc46e4fbbc730c4e4f460bc7829eb0c386d71d02f9c43
7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3
83d0e63bca33c624912cdf06547db61b74213b255dfcc0316b412df0a1bbe5e8
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
86571141db57d4a8abecd5807915a027c506b43441f4587e2efe80fa293f008a
8a67910a18cc8931437403ceb4c3491063be645ccc94401bf85ded8166d01de9
8e4499bc89ccbe9fabed9630afe7b38722ffeab879d3071114aeeb3d28e545aa
948cf04e1a0841db9f3a4d89dcf8c68fa1b81f54d8726b26a974e4912daba45b
97c9c32337f4d2c67fca139378bb0f8aa0ab45fd91878f3a7d51af4546bbf8f3
98269de18b212a00a156e7cf49e220c62282488adeac655a50c4a300b013887c
98414b1613797e6ea30276612ef91f745399c0765668c1856081ee0552acf2dd
9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818
9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b
9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8
9f51c8aba1c7ddb58a1547eb41104072efce6625fc3ba345ca461b849c18fffd
a0c3f2e5825816bcac42e686f0c3aa76e1aa566f71a437d8768702d4a3a45875
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7c37941772d77c65b7dfdc53e6455b94d48b6e03b81dea2edc3845e0448adc8
a8fd9623c059fc00dd23226c730bf7da3cd104a138db3405e506b0588db2f765
ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f
aed0901fcfab48f006c871e390543f4eb6e47d0ec6420a8fe1a065ed6132bf80
afdb1f488a637990caa602d3712dc6215156c5748979a2dedf589dd5802ae775
b4c2f22d5cf8b32e83d72a76725659ece2bf65eb612ea6be28ee5b57a4f25f64
b4f9cf24b515144e86f58438a159e7858241f9eaf54739e7a90c11f85f01e74a
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bc3aa30bde5afb3ea07ce7a1cc68d6d3ced1cebad5e76888a16eb4182a97a02b
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c7d4c43f68c47e19be7184c316c903223b984fc57c4634fada219f486663cefb
c7ece95f751a8994a9efb4bb804306414f301cbe8e6693bb9d08df40e909eb49
cd1caae8ce2dd5b22b4a568d10c9f634e044428f7711f5670a02ee61e49be708
ce4173c6646d0d46549baa4f6ff3e00fe28a0cad6124e76f0fa03396e887bcb6
cf36f3295881d2714bf0f509f0126886b4b6190d2e1c90245e032d20797f0763
cf914e907fae0a036ad2c4b9e0f95b362bb5dc9dec82f8c1ad9978459fc9087e
d51b5c14fd6455affd3baceb0d2015c532566645fd80f645260c803a8b0f1c57
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d9877dd74bef9aff630e61d08f1b2e596483dfdc3c140546b1a895181ed2c5c8
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dbe4d8a819337ebdad851deeb7250c005204a86c27b7d47a98e6a700294d341c
dcccc167011ba94aff1e55af0eb6f081a8fe20b2846d9218dc1d1b078e289973
ddc4e6df433de9a92ac0f55a21af7fb009b5a22f9c21afc4b41a76ce3c6b36b5
ddf362738cf1fda834880290695887ac6ddf5a29b98451ee941acc27823b7f40
df2e0daf3d1a8b8f5239f4814a214631795660a2d104705bf7a27822243a4818
df67a292973eef2f64eb784d124e2c746fd348a0c3e5f12268e53c9d06d4b863
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43a0788007c81c88e5f2e2d37edf449a9a0adff50ab76c8cb5b1c8ae76f5860
e5996a03b715a521347efa92de6ee7b9daa567bd26338aacaaceaa1ce88fc7f2
e607002fe08a21e01ab4984ccb9a6f9a3c4956c243649e9dd8c0c30d5786ed2e
e80803df6ef31f60d8b615f4a603d2a02f13823c9bf3d1e9afa1600b417f82fa
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ad56a192cfb796852af711e1326b02a9af338326a60fe291ca65fe8763ddda
f2b58f425d7a2e2cea5ec6e9058640e2f217419a969c86fe45eaf18f169e3c4f
f33472fb0529099b682dcc4b94104ea70cec2d79d8ecca8875754a39a6d227ea
fc5a69486379e6def54111417d6ff58ab7e33448f28c01a345802999e719c55c
ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

ja.answersexpress.com Open in urlscan Pro 104.21.3.123 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

137 Requests

100 %HTTPS

63 %IPv6

21 Domains

28 Subdomains

23 IPs

3 Countries

1941 kBTransfer

4636 kBSize

10 Cookies

34 Outgoing links

Page URL History

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ja.answersexpress.com Open in urlscan Pro
104.21.3.123 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

100 %
HTTPS

63 %
IPv6

21
Domains

28
Subdomains

23
IPs

3
Countries

1941 kB
Transfer

4636 kB
Size

10
Cookies

137 HTTP transactions
6 data transactions