urlscan.io logo urlscan.io
SecurityTrails logo

www.wednesdaymoon.net Open in urlscan Pro
52.165.220.33  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.wednesdaymoon.net/
Effective URL: http://www.wednesdaymoon.net/kzweb/
Submission: On November 10 via manual from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 6 countries across 11 domains to perform 47 HTTP transactions. The main IP is 52.165.220.33, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.wednesdaymoon.net.
This is the only time www.wednesdaymoon.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

18    52.165.220.33 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.wednesdaymoon.net
1    2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
15    2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
adservice.google.com
googleads.g.doubleclick.net
www.googletagservices.com
1    133.237.48.7 (Japan)

ASN23820 (RAKUTEN Rakuten,Inc., JP)
PTR: hbb.afl.rakuten.co.jp
hbb.afl.rakuten.co.jp
1    2a02:3d0:610:101:225:90ff:feed:b22a (Austria)

ASN22822 (LLNW, US)
thumbnail.image.rakuten.co.jp
2    2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    172.217.22.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s17-in-f66.1e100.net
partner.googleadservices.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
18 www.wednesdaymoon.net 1 redirects www.wednesdaymoon.net
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
6 pagead2.googlesyndication.com www.wednesdaymoon.net
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net www.wednesdaymoon.net
connect.facebook.net
2 apis.google.com www.wednesdaymoon.net
apis.google.com
1 www.google.de www.wednesdaymoon.net
1 www.google.com www.wednesdaymoon.net
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 thumbnail.image.rakuten.co.jp www.wednesdaymoon.net
1 hbb.afl.rakuten.co.jp 1 redirects
1 www.googletagmanager.com www.wednesdaymoon.net
47 17

This site contains links to these domains. Also see Links.

Domain
hb.afl.rakuten.co.jp
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1O1		 2020-10-20 -
2021-01-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-10-20 -
2021-01-12		 3 months crt.sh
thumbnail.image.rakuten.co.jp
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-06-17		 2 years crt.sh
*.apis.google.com
GTS CA 1O1		 2020-10-20 -
2021-01-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-11-02 -
2021-01-30		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-10-20 -
2021-01-12		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2020-10-20 -
2021-01-12		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-10-20 -
2021-01-12		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-10-20 -
2021-01-12		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-10-20 -
2021-01-12		 3 months crt.sh

This page contains 9 frames:

Primary Page: http://www.wednesdaymoon.net/kzweb/
Frame ID: 5CA927A1BFE070FD08AF0F56ADC272AC
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/zrt_lookup.html
Frame ID: DD22BFE326AC82AED69050FA4E060C88
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8437618648230859&output=html&adk=1812271804&adf=3025194257&lmt=1604988736&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Fwww.wednesdaymoon.net%2Fkzweb%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604988736264&bpp=12&bdt=590&idt=121&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2987151394036&frm=20&pv=2&ga_vid=1821936839.1604988736&ga_sid=1604988736&ga_hid=323426656&ga_fc=0&iag=0&icsg=2160769704&dssz=27&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C21066705&oid=3&pvsid=4496652736847260&pem=58&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=140
Frame ID: D9FD6BBF74D344A22959876A68FE8CBB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8437618648230859&output=html&h=15&slotname=5509753938&adk=3274043799&adf=236418662&pi=t.ma~as.5509753938&w=728&lmt=1604988736&psa=0&url=http%3A%2F%2Fwww.wednesdaymoon.net%2Fkzweb%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604988736276&bpp=8&bdt=603&idt=137&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2987151394036&frm=20&pv=1&ga_vid=1821936839.1604988736&ga_sid=1604988736&ga_hid=323426656&ga_fc=0&iag=0&icsg=139599723176&dssz=28&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=488&ady=6&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C21066705&oid=3&pvsid=4496652736847260&pem=58&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=2K9AuYq9kr&p=http%3A//www.wednesdaymoon.net&dtd=143
Frame ID: 027B4988231E4AAB10613D347B89F5E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8437618648230859&output=html&h=90&slotname=2556287539&adk=2248749411&adf=2669768296&pi=t.ma~as.2556287539&w=728&lmt=1604988736&psa=0&format=728x90&url=http%3A%2F%2Fwww.wednesdaymoon.net%2Fkzweb%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604988736284&bpp=1&bdt=610&idt=138&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=5509753938&nras=1&correlator=2987151394036&frm=20&pv=1&ga_vid=1821936839.1604988736&ga_sid=1604988736&ga_hid=323426656&ga_fc=0&iag=0&icsg=139599723176&dssz=28&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C21066705&oid=3&pvsid=4496652736847260&pem=58&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=bQgaXtTEpR&p=http%3A//www.wednesdaymoon.net&dtd=142
Frame ID: B885C7AE5CF5C3FCC0972300E730AA3A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8437618648230859&output=html&h=280&slotname=2416686736&adk=52150763&adf=689961716&pi=t.ma~as.2416686736&w=336&lmt=1604988736&psa=0&format=336x280&url=http%3A%2F%2Fwww.wednesdaymoon.net%2Fkzweb%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604988736285&bpp=2&bdt=611&idt=144&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&prev_slotnames=5509753938&nras=1&correlator=2987151394036&frm=20&pv=1&ga_vid=1821936839.1604988736&ga_sid=1604988736&ga_hid=323426656&ga_fc=0&iag=0&icsg=139599723176&dssz=28&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=919&ady=292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C21066705&oid=3&pvsid=4496652736847260&pem=58&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=K6vl5njFDn&p=http%3A//www.wednesdaymoon.net&dtd=147
Frame ID: A92DDBA9E089B07DECFF5216200DF8CF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8437618648230859&output=html&h=15&slotname=8463220332&adk=1130386269&adf=2237287498&pi=t.ma~as.8463220332&w=728&lmt=1604988736&psa=0&url=http%3A%2F%2Fwww.wednesdaymoon.net%2Fkzweb%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604988736287&bpp=1&bdt=613&idt=148&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C336x280&prev_slotnames=5509753938&nras=1&correlator=2987151394036&frm=20&pv=1&ga_vid=1821936839.1604988736&ga_sid=1604988736&ga_hid=323426656&ga_fc=0&iag=0&icsg=139599723176&dssz=28&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=509&ady=792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C21066705&oid=3&pvsid=4496652736847260&pem=58&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=4m7KzmP3se&p=http%3A//www.wednesdaymoon.net&dtd=151
Frame ID: 8F7AF9237260384A6D220AAA802F029F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8437618648230859&output=html&h=90&slotname=6068157135&adk=3221450624&adf=2923410482&pi=t.ma~as.6068157135&w=728&lmt=1604988736&psa=0&format=728x90&url=http%3A%2F%2Fwww.wednesdaymoon.net%2Fkzweb%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604988736288&bpp=1&bdt=614&idt=183&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C336x280&prev_slotnames=5509753938%2C8463220332&nras=1&correlator=2987151394036&frm=20&pv=1&ga_vid=1821936839.1604988736&ga_sid=1604988736&ga_hid=323426656&ga_fc=0&iag=0&icsg=139599723176&dssz=28&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=524&ady=1838&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C21066705&oid=3&pvsid=4496652736847260&pem=58&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=wcSf5HoFTU&p=http%3A//www.wednesdaymoon.net&dtd=186
Frame ID: 01B48FFA72282D38A94742825B71FDE8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 11D9AD284510A0D02076A0EA301BD936
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.wednesdaymoon.net/ HTTP 302
    http://www.wednesdaymoon.net/kzweb/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 100%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

47
Requests

60 %
HTTPS

80 %
IPv6

11
Domains

17
Subdomains

14
IPs

6
Countries

455 kB
Transfer

1219 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.wednesdaymoon.net/ HTTP 302
    http://www.wednesdaymoon.net/kzweb/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://hbb.afl.rakuten.co.jp/hgb/0a61b9dd.4c2b6ad7.0a61b9de.b43a1205/?me_id=1213310&item_id=19750950&pc=https%3A%2F%2Fthumbnail.image.rakuten.co.jp%2F%400_mall%2Fbook%2Fcabinet%2F2912%2F4902370542912.jpg%3F_ex%3D128x128&s=128x128&t=picttext HTTP 302
  • https://thumbnail.image.rakuten.co.jp/@0_mall/book/cabinet/2912/4902370542912.jpg?_ex=128x128
Request Chain 17
  • http://connect.facebook.net/ja_JP/sdk.js HTTP 307
  • https://connect.facebook.net/ja_JP/sdk.js

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.wednesdaymoon.net/kzweb/
Redirect Chain
  • http://www.wednesdaymoon.net/
  • http://www.wednesdaymoon.net/kzweb/
45 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.wednesdaymoon.net/kzweb/
Protocol
HTTP/1.1
Server
52.165.220.33 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7390e294b7a56bec5ac87e13f6df88bcc69b8b388183132974b01ee38f0ccf76

Request headers

Host
www.wednesdaymoon.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
ASP.NET_SessionId=0jktpyue0ukyw5ulidfwlm0x; ARRAffinity=e612113efd5a3bc2a37d3c37ec938a8670457693cd9195004d53278fa5317ac1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
private
Content-Length
19396
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Tue, 10 Nov 2020 06:12:15 GMT

Redirect headers

Cache-Control
private
Content-Length
152
Content-Type
text/html; charset=utf-8
Location
http://www.wednesdaymoon.net/kzweb/
Server
Microsoft-IIS/10.0
Set-Cookie
ASP.NET_SessionId=0jktpyue0ukyw5ulidfwlm0x; path=/; HttpOnly; SameSite=Lax ARRAffinity=e612113efd5a3bc2a37d3c37ec938a8670457693cd9195004d53278fa5317ac1;Path=/;HttpOnly;Domain=www.wednesdaymoon.net
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Tue, 10 Nov 2020 06:12:15 GMT
kz.css
www.wednesdaymoon.net/kzweb/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.wednesdaymoon.net/kzweb/css/kz.css
Requested by
Host: www.wednesdaymoon.net
URL: http://www.wednesdaymoon.net/kzweb/
Protocol
HTTP/1.1
Server
52.165.220.33 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
07a56f1d477f2e01b555ad30fc0be177a93e4d779a0621b034f4767925e02134

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 10 Nov 2020 06:12:15 GMT
Content-Encoding
gzip
ETag
"9811cd88ccb4d61:0"
Last-Modified
Sat, 07 Nov 2020 06:09:21 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
2947
style.css
www.wednesdaymoon.net/kzweb/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.wednesdaymoon.net/kzweb/css/style.css
Requested by
Host: www.wednesdaymoon.net
URL: http://www.wednesdaymoon.net/kzweb/
Protocol
HTTP/1.1
Server
52.165.220.33 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ff9e96e103380443678c95bb5fea344afc0f35fcbc66ecaeec6d6821d6cff5e4

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 10 Nov 2020 06:12:15 GMT
Content-Encoding
gzip
ETag
"debacb3d58a8d21:0"
Last-Modified
Wed, 29 Mar 2017 06:46:49 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
2473
column2.css
www.wednesdaymoon.net/kzweb/css/ 		614 B
700 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.wednesdaymoon.net/kzweb/css/column2.css
Requested by
Host: www.wednesdaymoon.net
URL: http://www.wednesdaymoon.net/kzweb/
Protocol
HTTP/1.1
Server
52.165.220.33 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6cc042bee80c97e0b1eb0146ff894aa5ba21432e08865a5f21d59db62749fa2e

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 10 Nov 2020 06:12:15 GMT
Content-Encoding
gzip
ETag
"fe28b6f3bf2bcb1:0"
Last-Modified
Sun, 25 Jul 2010 06:09:33 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
406
top.css
www.wednesdaymoon.net/kzweb/css/ 		942 B
864 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.wednesdaymoon.net/kzweb/css/top.css
Requested by
Host: www.wednesdaymoon.net
URL: http://www.wednesdaymoon.net/kzweb/
Protocol
HTTP/1.1
Server
52.165.220.33 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7e4f9f6ee71390e8c95c46a3696e11a9aec25196c53a9bae364c36d945af6af5

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 10 Nov 2020 06:12:15 GMT
Content-Encoding
gzip
ETag
"7e4a967e636cb1:0"
Last-Modified
Sun, 08 Aug 2010 10:42:30 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
571
article.css
www.wednesdaymoon.net/kzweb/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.wednesdaymoon.net/kzweb/css/article.css
Requested by
Host: www.wednesdaymoon.net
URL: http://www.wednesdaymoon.net/kzweb/
Protocol
HTTP/1.1
Server
52.165.220.33 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9c2e9e60301d70f6ef7a3379cd644c75fe482efd8233727e1277948a35c42bf6

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 10 Nov 2020 06:12:15 GMT
Content-Encoding
gzip
ETag
"80f9da5ed478cb1:0"
Last-Modified
Sun, 31 Oct 2010 08:19:43 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
869
soft.css
www.wednesdaymoon.net/kzweb/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.wednesdaymoon.net/kzweb/css/soft.css
Requested by
Host: www.wednesdaymoon.net
URL: http://www.wednesdaymoon.net/kzweb/
Protocol
HTTP/1.1
Server
52.165.220.33 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3b3b33fd39fa23effe3d69188ba1a1e41480ed0d594cc12a3a5535cea9a903f9

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 10 Nov 2020 06:12:15 GMT
Content-Encoding
gzip
ETag
"102e47a4e982cb1:0"
Last-Modified
Sat, 13 Nov 2010 04:17:10 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1142
func.js
www.wednesdaymoon.net/kzweb/js/ 		908 B
947 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.wednesdaymoon.net/kzweb/js/func.js
Requested by
Host: www.wednesdaymoon.net
URL: http://www.wednesdaymoon.net/kzweb/
Protocol
HTTP/1.1
Server
52.165.220.33 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9df3df6225cc885f180a61d25080d272da4add2fa5274fc116ec383ab388e82a

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 10 Nov 2020 06:12:16 GMT
Content-Encoding
gzip
ETag
"c8ae2b92f882cb1:0"
Last-Modified
Sat, 13 Nov 2010 06:04:02 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
637
js
www.googletagmanager.com/gtag/ 		95 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-6511840-1
Requested by
Host: www.wednesdaymoon.net
URL: http://www.wednesdaymoon.net/kzweb/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7d240072f2c856d2032fd05cc8c5e74718b49ac94e90c8a2cafbb0add11e5315
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 10 Nov 2020 06:12:16 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38302
x-xss-protection
0
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 10 Nov 2020 06:12:16 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		130 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.wednesdaymoon.net
URL: http://www.wednesdaymoon.net/kzweb/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
32f881c83315d585e36c1ad981af24a73ecb1f5ef51423ac15ae8720c74aa421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 10 Nov 2020 06:12:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
45407
x-xss-protection
0
server
cafe
etag
6366860311049154239
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 10 Nov 2020 06:12:16 GMT
WebResource.axd
www.wednesdaymoon.net/kzweb/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.wednesdaymoon.net/kzweb/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZE0Zz3sbXwpSW5gO2om86MUj0fRPeGMmGHdHUwdsz_B0I8Icuw2&t=637327039249080682
Requested by
Host: www.wednesdaymoon.net
URL: http://www.wednesdaymoon.net/kzweb/
Protocol
HTTP/1.1
Server
52.165.220.33 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 10 Nov 2020 06:12:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Aug 2020 00:52:04 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public
Content-Length
6007
Expires
Mon, 08 Nov 2021 03:55:04 GMT
kzweblogo.png
www.wednesdaymoon.net/kzweb/images/main/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.wednesdaymoon.net/kzweb/images/main/kzweblogo.png
Requested by
Host: www.wednesdaymoon.net
URL: http://www.wednesdaymoon.net/kzweb/
Protocol
HTTP/1.1
Server
52.165.220.33 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cfea2546e37b0856821d2c3507dddec2a28281e5b313566f41672c491b9f01bf

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 10 Nov 2020 06:12:16 GMT
Last-Modified
Sat, 18 Oct 2014 07:29:27 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"2aa6863fa5eacf1:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4806
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		130 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.wednesdaymoon.net
URL: http://www.wednesdaymoon.net/kzweb/
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
32f881c83315d585e36c1ad981af24a73ecb1f5ef51423ac15ae8720c74aa421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Tue, 10 Nov 2020 06:12:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
6366860311049154239
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
45407
X-XSS-Protection
0
Expires
Tue, 10 Nov 2020 06:12:16 GMT
tama_05a.gif
www.wednesdaymoon.net/kzweb/images/ 		812 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.wednesdaymoon.net/kzweb/images/tama_05a.gif
Requested by
Host: www.wednesdaymoon.net
URL: http://www.wednesdaymoon.net/kzweb/
Protocol
HTTP/1.1
Server
52.165.220.33 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9cfec4ee96714394080d5e8a9c5c78af92a43efd668d8cc6236381882fc2c788

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 10 Nov 2020 06:12:15 GMT
Last-Modified
Wed, 24 Dec 2008 08:52:14 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"49112eba465c91:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
812
rss1-orange.png
www.wednesdaymoon.net/kzweb/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.wednesdaymoon.net/kzweb/images/rss1-orange.png
Requested by
Host: www.wednesdaymoon.net
URL: http://www.wednesdaymoon.net/kzweb/
Protocol
HTTP/1.1
Server
52.165.220.33 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bb0834e9a00bf0d6290c46692eddb226c2ee79c82d28fea01d4c5ac28e4028ab

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 10 Nov 2020 06:12:15 GMT
Last-Modified
Mon, 29 Dec 2008 13:12:15 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"c0948e11b769c91:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1989
new_03_red.gif
www.wednesdaymoon.net/kzweb/images/ 		343 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.wednesdaymoon.net/kzweb/images/new_03_red.gif
Requested by
Host: www.wednesdaymoon.net
URL: http://www.wednesdaymoon.net/kzweb/
Protocol
HTTP/1.1
Server
52.165.220.33 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b8b4b9c7e21c68657ed1f3db05c8cd0334947bf030e8940dc2b83d1b6632a5f0

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 10 Nov 2020 06:12:15 GMT
Last-Modified
Fri, 05 Dec 2008 08:31:36 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"6d1cbee2b356c91:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
343
4902370542912.jpg
thumbnail.image.rakuten.co.jp/@0_mall/book/cabinet/2912/
Redirect Chain
  • https://hbb.afl.rakuten.co.jp/hgb/0a61b9dd.4c2b6ad7.0a61b9de.b43a1205/?me_id=1213310&item_id=19750950&pc=https%3A%2F%2Fthumbnail.image.rakuten.co.jp%2F%400_mall%2Fbook%2Fcabinet%2F2912%2F4902370542...
  • https://thumbnail.image.rakuten.co.jp/@0_mall/book/cabinet/2912/4902370542912.jpg?_ex=128x128
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumbnail.image.rakuten.co.jp/@0_mall/book/cabinet/2912/4902370542912.jpg?_ex=128x128
Requested by
Host: www.wednesdaymoon.net
URL: http://www.wednesdaymoon.net/kzweb/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:3d0:610:101:225:90ff:feed:b22a , Austria, ASN22822 (LLNW, US),
Reverse DNS
Software
nginx /
Resource Hash
7957f1d4cb1e2ee2c8c24604c5178275d094ffa8e9ca4fa929ebe063ba50db48

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 10 Nov 2020 06:12:17 GMT
x-cdn-cache
HIT
age
25249
x-cpcode
227300
status
200
x-cdn-served-from
LLNW
content-length
2148
last-modified
Fri, 23 Aug 2019 06:20:00 GMT
server
nginx
etag
"5d5f8590-2f104"
vary
Origin
content-type
image/webp
access-control-expose-headers
x-cdn-served-from
cache-control
max-age=3600
accept-ranges
none
link
<https://tshop.r10s.jp/book/cabinet/2912/4902370542912.jpg?fitin=700:700>; rel="canonical"
x-llid
b08b8c96ac19636100276d2bbf039dee
expires
Tue, 10 Nov 2020 07:12:17 GMT

Redirect headers

Location
https://thumbnail.image.rakuten.co.jp/@0_mall/book/cabinet/2912/4902370542912.jpg?_ex=128x128
Date
Tue, 10 Nov 2020 06:12:17 GMT
X-Content-Type-Options
nosniff
Server
Apache
Connection
close
Content-Length
0
X-XSS-Protection
1; mode=block
plusone.js
apis.google.com/js/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: www.wednesdaymoon.net
URL: http://www.wednesdaymoon.net/kzweb/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8f83ec4847f74e502cf7cb88387326d770877897b977619c93327fc99b244bbd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VqT1+QSauSA86+Pgfd30cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 10 Nov 2020 06:12:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"3e801f1b1d67e6ea720d7c6a799ff679"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-VqT1+QSauSA86+Pgfd30cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Tue, 10 Nov 2020 06:12:16 GMT
sdk.js
connect.facebook.net/ja_JP/
Redirect Chain
  • http://connect.facebook.net/ja_JP/sdk.js
  • https://connect.facebook.net/ja_JP/sdk.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ja_JP/sdk.js
Requested by
Host: www.wednesdaymoon.net
URL: http://www.wednesdaymoon.net/kzweb/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
962f2d62b7d268f71f95abeb7d103b099303c17bfae4b842cf674c2beb35cfa2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ZqDJypY7sBPybS10d9AGPw==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1781
etag
"e3c3e2a479d26bf49aacdaee1ede7440"
x-fb-debug
IfUUt14Yvlj4kl+4/HBhe6VFjM8VG1gCFeRXx47cNUMVIZKGGV6UGBq8o/gOx+Xqd/Cw2LV9dossDLFEQYhWTg==
x-fb-trip-id
664085054
x-fb-content-md5
e62d20350d27b81dc644b26781aae56e
x-frame-options
DENY
date
Tue, 10 Nov 2020 06:12:16 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 10 Nov 2020 06:14:25 GMT

Redirect headers

Location
https://connect.facebook.net/ja_JP/sdk.js#xfbml=1&version=v2.4
Non-Authoritative-Reason
HSTS
contentstitle.png
www.wednesdaymoon.net/kzweb/images/main/ 		172 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.wednesdaymoon.net/kzweb/images/main/contentstitle.png
Requested by
Host: www.wednesdaymoon.net
URL: http://www.wednesdaymoon.net/kzweb/css/style.css
Protocol
HTTP/1.1
Server
52.165.220.33 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
28b366f9cd2a50987c2b744589a0a5f01fdd8289404083e88541ece6d35d861f

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 10 Nov 2020 06:12:15 GMT
Last-Modified
Sun, 08 Aug 2010 07:47:17 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"71b44eeccd36cb1:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
172
enpitu_r_4.gif
www.wednesdaymoon.net/kzweb/images/ 		588 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.wednesdaymoon.net/kzweb/images/enpitu_r_4.gif
Requested by
Host: www.wednesdaymoon.net
URL: http://www.wednesdaymoon.net/kzweb/css/top.css
Protocol
HTTP/1.1
Server
52.165.220.33 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8f5c878755541e783c38ed68485acc514e989e992135c4ab40f25013f9d4ea08

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/css/top.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 10 Nov 2020 06:12:16 GMT
Last-Modified
Wed, 27 May 2009 02:07:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"088fdd86fdec91:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
588
ya_003.gif
www.wednesdaymoon.net/kzweb/images/ 		122 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.wednesdaymoon.net/kzweb/images/ya_003.gif
Requested by
Host: www.wednesdaymoon.net
URL: http://www.wednesdaymoon.net/kzweb/css/top.css
Protocol
HTTP/1.1
Server
52.165.220.33 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
889f453af72934454c95f498ff19257ea62018045fdd87d2337ae941bbeb136b

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/css/top.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 10 Nov 2020 06:12:15 GMT
Last-Modified
Tue, 02 Dec 2008 09:13:42 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"3433e455e54c91:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
122
sidemenutitle.gif
www.wednesdaymoon.net/kzweb/images/main/ 		154 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.wednesdaymoon.net/kzweb/images/main/sidemenutitle.gif
Requested by
Host: www.wednesdaymoon.net
URL: http://www.wednesdaymoon.net/kzweb/css/style.css
Protocol
HTTP/1.1
Server
52.165.220.33 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
83b82d7a2f5dc18e15f823faaed55b2319c86141136589fc8aa79238c3c58d67

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 10 Nov 2020 06:12:16 GMT
Last-Modified
Sun, 25 Jul 2010 05:29:20 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"438d5a55ba2bcb1:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
154
sdk.js
connect.facebook.net/ja_JP/ 		195 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ja_JP/sdk.js?hash=ada0d72cd1b59484ac7374ff6f8f95d2&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/ja_JP/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bc40351429e1fa867cc90cd8e7789a30f1388fc35dd7e974898d13ce83c2d157
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
http://www.wednesdaymoon.net
Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
L1UDzZj6IE4sBnn/pVR/DA==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
60191
etag
"0595524bb52c6dc3b59ec5bc3fc0fd7e"
x-fb-debug
IAHgCVDvjwxZ1RZUzrexNoAsgKoyxN7lysx9TxK7YNp9qfQxKIT6DMunQtJJpIOkYeWAKP+24/6JnYX25W+4LQ==
x-fb-trip-id
664085054
x-fb-content-md5
6cfa57d4b7f8d8d8bf7cb18f73a9c91d
x-frame-options
DENY
date
Tue, 10 Nov 2020 06:12:16 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Wed, 10 Nov 2021 00:33:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/ 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e534be2c89e1f740aa5e337494a1c35fa2de8fa8d4d8e4748f403c167e83141
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 22:15:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28633
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49481
x-xss-protection
0
last-modified
Fri, 23 Oct 2020 17:38:50 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 22:15:03 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/ 		230 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
22f38713e3cb086adc05ce7b3f126b1a3c18d0bd120bafd17c85117de81741b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 10 Nov 2020 06:12:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
88225
x-xss-protection
0
server
cafe
etag
10001109163846534958
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Nov 2020 06:12:16 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/ Frame DD22 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201104/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.wednesdaymoon.net/kzweb/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.wednesdaymoon.net/kzweb/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Mon, 09 Nov 2020 18:54:19 GMT
expires
Mon, 23 Nov 2020 18:54:19 GMT
content-type
text/html; charset=UTF-8
etag
5228831996244654541
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4745
x-xss-protection
0
age
40677
cache-control
public, max-age=1209600
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6511840-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
3388
date
Tue, 10 Nov 2020 05:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Tue, 10 Nov 2020 07:15:48 GMT
collect
www.google-analytics.com/j/ 		2 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=323426656&t=pageview&_s=1&dl=http%3A%2F%2Fwww.wednesdaymoon.net%2Fkzweb%2F&ul=en-us&de=UTF-8&dt=kzWeb&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=125998250&gjid=1018275408&cid=1821936839.1604988736&tid=UA-6511840-1&_gid=1334905687.1604988736&_r=1&gtm=2ouas1&z=447096117
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Nov 2020 06:12:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
http://www.wednesdaymoon.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		207 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.wednesdaymoon.net&callback=_gfp_s_&client=ca-pub-8437618648230859
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
cff413ae15be1bff0932e44515ae854f690daaae98df10290c8c0e0d4ba6d7ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 10 Nov 2020 06:12:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		109 B
832 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.wednesdaymoon.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 10 Nov 2020 06:12:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
832 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.wednesdaymoon.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 10 Nov 2020 06:12:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D9FD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8437618648230859&output=html&adk=1812271804&adf=3025194257&lmt=1604988736&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Fwww.wednesdaymoon.net%2Fkzweb%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604988736264&bpp=12&bdt=590&idt=121&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2987151394036&frm=20&pv=2&ga_vid=1821936839.1604988736&ga_sid=1604988736&ga_hid=323426656&ga_fc=0&iag=0&icsg=2160769704&dssz=27&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C21066705&oid=3&pvsid=4496652736847260&pem=58&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=140
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8437618648230859&output=html&adk=1812271804&adf=3025194257&lmt=1604988736&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Fwww.wednesdaymoon.net%2Fkzweb%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604988736264&bpp=12&bdt=590&idt=121&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2987151394036&frm=20&pv=2&ga_vid=1821936839.1604988736&ga_sid=1604988736&ga_hid=323426656&ga_fc=0&iag=0&icsg=2160769704&dssz=27&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C21066705&oid=3&pvsid=4496652736847260&pem=58&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=140
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.wednesdaymoon.net/kzweb/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.wednesdaymoon.net/kzweb/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 10 Nov 2020 06:12:16 GMT
server
cafe
content-length
488
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 10-Nov-2020 06:27:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 10 Nov 2020 06:12:16 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d278533e8015b48285df852d82d9d8497168e963f5fdf50c0b018b01b1e2e2a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 10 Nov 2020 06:12:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604940355256220"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28176
x-xss-protection
0
expires
Tue, 10 Nov 2020 06:12:16 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-6511840-1&cid=1821936839.1604988736&jid=125998250&gjid=1018275408&_gid=1334905687.1604988736&_u=IEBAAUAAAAAAAC~&z=760117037
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 10 Nov 2020 06:12:16 GMT
status
200
content-type
text/plain
access-control-allow-origin
http://www.wednesdaymoon.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 027B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8437618648230859&output=html&h=15&slotname=5509753938&adk=3274043799&adf=236418662&pi=t.ma~as.5509753938&w=728&lmt=1604988736&psa=0&url=http%3A%2F%2Fwww.wednesdaymoon.net%2Fkzweb%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604988736276&bpp=8&bdt=603&idt=137&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2987151394036&frm=20&pv=1&ga_vid=1821936839.1604988736&ga_sid=1604988736&ga_hid=323426656&ga_fc=0&iag=0&icsg=139599723176&dssz=28&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=488&ady=6&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C21066705&oid=3&pvsid=4496652736847260&pem=58&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=2K9AuYq9kr&p=http%3A//www.wednesdaymoon.net&dtd=143
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8437618648230859&output=html&h=15&slotname=5509753938&adk=3274043799&adf=236418662&pi=t.ma~as.5509753938&w=728&lmt=1604988736&psa=0&url=http%3A%2F%2Fwww.wednesdaymoon.net%2Fkzweb%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604988736276&bpp=8&bdt=603&idt=137&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2987151394036&frm=20&pv=1&ga_vid=1821936839.1604988736&ga_sid=1604988736&ga_hid=323426656&ga_fc=0&iag=0&icsg=139599723176&dssz=28&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=488&ady=6&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C21066705&oid=3&pvsid=4496652736847260&pem=58&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=2K9AuYq9kr&p=http%3A//www.wednesdaymoon.net&dtd=143
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.wednesdaymoon.net/kzweb/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.wednesdaymoon.net/kzweb/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 10 Nov 2020 06:12:16 GMT
server
cafe
content-length
6071
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 10-Nov-2020 06:27:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 10 Nov 2020 06:12:16 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame B885 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8437618648230859&output=html&h=90&slotname=2556287539&adk=2248749411&adf=2669768296&pi=t.ma~as.2556287539&w=728&lmt=1604988736&psa=0&format=728x90&url=http%3A%2F%2Fwww.wednesdaymoon.net%2Fkzweb%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604988736284&bpp=1&bdt=610&idt=138&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=5509753938&nras=1&correlator=2987151394036&frm=20&pv=1&ga_vid=1821936839.1604988736&ga_sid=1604988736&ga_hid=323426656&ga_fc=0&iag=0&icsg=139599723176&dssz=28&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C21066705&oid=3&pvsid=4496652736847260&pem=58&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=bQgaXtTEpR&p=http%3A//www.wednesdaymoon.net&dtd=142
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8437618648230859&output=html&h=90&slotname=2556287539&adk=2248749411&adf=2669768296&pi=t.ma~as.2556287539&w=728&lmt=1604988736&psa=0&format=728x90&url=http%3A%2F%2Fwww.wednesdaymoon.net%2Fkzweb%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604988736284&bpp=1&bdt=610&idt=138&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=5509753938&nras=1&correlator=2987151394036&frm=20&pv=1&ga_vid=1821936839.1604988736&ga_sid=1604988736&ga_hid=323426656&ga_fc=0&iag=0&icsg=139599723176&dssz=28&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C21066705&oid=3&pvsid=4496652736847260&pem=58&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=bQgaXtTEpR&p=http%3A//www.wednesdaymoon.net&dtd=142
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.wednesdaymoon.net/kzweb/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.wednesdaymoon.net/kzweb/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 10 Nov 2020 06:12:16 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 10-Nov-2020 06:27:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 10 Nov 2020 06:12:16 GMT
cache-control
private
ga-audiences
www.google.com/ads/ 		42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-6511840-1&cid=1821936839.1604988736&jid=125998250&_u=IEBAAUAAAAAAAC~&z=1848405247
Requested by
Host: www.wednesdaymoon.net
URL: http://www.wednesdaymoon.net/kzweb/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Nov 2020 06:12:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-6511840-1&cid=1821936839.1604988736&jid=125998250&_u=IEBAAUAAAAAAAC~&z=1848405247
Requested by
Host: www.wednesdaymoon.net
URL: http://www.wednesdaymoon.net/kzweb/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Nov 2020 06:12:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A92D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8437618648230859&output=html&h=280&slotname=2416686736&adk=52150763&adf=689961716&pi=t.ma~as.2416686736&w=336&lmt=1604988736&psa=0&format=336x280&url=http%3A%2F%2Fwww.wednesdaymoon.net%2Fkzweb%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604988736285&bpp=2&bdt=611&idt=144&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&prev_slotnames=5509753938&nras=1&correlator=2987151394036&frm=20&pv=1&ga_vid=1821936839.1604988736&ga_sid=1604988736&ga_hid=323426656&ga_fc=0&iag=0&icsg=139599723176&dssz=28&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=919&ady=292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C21066705&oid=3&pvsid=4496652736847260&pem=58&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=K6vl5njFDn&p=http%3A//www.wednesdaymoon.net&dtd=147
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8437618648230859&output=html&h=280&slotname=2416686736&adk=52150763&adf=689961716&pi=t.ma~as.2416686736&w=336&lmt=1604988736&psa=0&format=336x280&url=http%3A%2F%2Fwww.wednesdaymoon.net%2Fkzweb%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604988736285&bpp=2&bdt=611&idt=144&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&prev_slotnames=5509753938&nras=1&correlator=2987151394036&frm=20&pv=1&ga_vid=1821936839.1604988736&ga_sid=1604988736&ga_hid=323426656&ga_fc=0&iag=0&icsg=139599723176&dssz=28&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=919&ady=292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C21066705&oid=3&pvsid=4496652736847260&pem=58&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=K6vl5njFDn&p=http%3A//www.wednesdaymoon.net&dtd=147
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.wednesdaymoon.net/kzweb/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.wednesdaymoon.net/kzweb/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 10 Nov 2020 06:12:16 GMT
server
cafe
content-length
203
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 10-Nov-2020 06:27:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 10 Nov 2020 06:12:16 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 8F7A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8437618648230859&output=html&h=15&slotname=8463220332&adk=1130386269&adf=2237287498&pi=t.ma~as.8463220332&w=728&lmt=1604988736&psa=0&url=http%3A%2F%2Fwww.wednesdaymoon.net%2Fkzweb%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604988736287&bpp=1&bdt=613&idt=148&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C336x280&prev_slotnames=5509753938&nras=1&correlator=2987151394036&frm=20&pv=1&ga_vid=1821936839.1604988736&ga_sid=1604988736&ga_hid=323426656&ga_fc=0&iag=0&icsg=139599723176&dssz=28&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=509&ady=792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C21066705&oid=3&pvsid=4496652736847260&pem=58&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=4m7KzmP3se&p=http%3A//www.wednesdaymoon.net&dtd=151
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8437618648230859&output=html&h=15&slotname=8463220332&adk=1130386269&adf=2237287498&pi=t.ma~as.8463220332&w=728&lmt=1604988736&psa=0&url=http%3A%2F%2Fwww.wednesdaymoon.net%2Fkzweb%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604988736287&bpp=1&bdt=613&idt=148&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C336x280&prev_slotnames=5509753938&nras=1&correlator=2987151394036&frm=20&pv=1&ga_vid=1821936839.1604988736&ga_sid=1604988736&ga_hid=323426656&ga_fc=0&iag=0&icsg=139599723176&dssz=28&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=509&ady=792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C21066705&oid=3&pvsid=4496652736847260&pem=58&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&xpc=4m7KzmP3se&p=http%3A//www.wednesdaymoon.net&dtd=151
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.wednesdaymoon.net/kzweb/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.wednesdaymoon.net/kzweb/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 10 Nov 2020 06:12:16 GMT
server
cafe
content-length
6117
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 10-Nov-2020 06:27:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 10 Nov 2020 06:12:16 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 01B4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8437618648230859&output=html&h=90&slotname=6068157135&adk=3221450624&adf=2923410482&pi=t.ma~as.6068157135&w=728&lmt=1604988736&psa=0&format=728x90&url=http%3A%2F%2Fwww.wednesdaymoon.net%2Fkzweb%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604988736288&bpp=1&bdt=614&idt=183&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C336x280&prev_slotnames=5509753938%2C8463220332&nras=1&correlator=2987151394036&frm=20&pv=1&ga_vid=1821936839.1604988736&ga_sid=1604988736&ga_hid=323426656&ga_fc=0&iag=0&icsg=139599723176&dssz=28&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=524&ady=1838&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C21066705&oid=3&pvsid=4496652736847260&pem=58&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=wcSf5HoFTU&p=http%3A//www.wednesdaymoon.net&dtd=186
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8437618648230859&output=html&h=90&slotname=6068157135&adk=3221450624&adf=2923410482&pi=t.ma~as.6068157135&w=728&lmt=1604988736&psa=0&format=728x90&url=http%3A%2F%2Fwww.wednesdaymoon.net%2Fkzweb%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604988736288&bpp=1&bdt=614&idt=183&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C336x280&prev_slotnames=5509753938%2C8463220332&nras=1&correlator=2987151394036&frm=20&pv=1&ga_vid=1821936839.1604988736&ga_sid=1604988736&ga_hid=323426656&ga_fc=0&iag=0&icsg=139599723176&dssz=28&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=524&ady=1838&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433%2C21066705&oid=3&pvsid=4496652736847260&pem=58&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=wcSf5HoFTU&p=http%3A//www.wednesdaymoon.net&dtd=186
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.wednesdaymoon.net/kzweb/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.wednesdaymoon.net/kzweb/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 10 Nov 2020 06:12:16 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
IDE=AHWqTUk_YUxH_a1dIS9tOWGsC8EYTV1mPFqG70IScbS0hBZCW1pj-GSQZpomq7ri; expires=Sun, 05-Dec-2021 06:12:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 10 Nov 2020 06:12:16 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201104&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043ad513962088d6770e9daca6c65bbf156b2f275a6d661ac7bef32c538d9219
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 10 Nov 2020 06:12:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 10 Nov 2020 06:12:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Tue, 10 Nov 2020 06:12:18 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 11D9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.wednesdaymoon.net/kzweb/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.wednesdaymoon.net/kzweb/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Tue, 10 Nov 2020 05:45:36 GMT
expires
Wed, 10 Nov 2021 05:45:36 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1602
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201104&jk=4496652736847260&bg=!gIOlg6PNAAUBH37qAVjNgzBBzELOKgIAAACeUgAAABloAQcKAJ-30MAlaZTYPFk-tdE0TOGcUzNeDUH5hIt9XKIFcx1XFzZVDgShQ5eNzoEo-Wp_2v3A7kO7uKd5nIeyk7tLdlsqbbfu-P5kYXPtqbsbWwJ8-Dfev_y-PAHU588ysY82h1asnmiS2yNw0BdH5lgvY-wsnestHl2pmhpELM6OIhJs1STRIXeQJgvcCWy1S9tdSbKvDKQJzZ9fmHEPnfgfJ_OZAb0D2ylRCVklBP00BxnHrxpKMwu_aJXQnnO6aRJYHc87muxvboq0UZ7jvNDUQecchA7xXoy5XGhQL0li_EWCoTnf7D3yTR_4jLvqczLVv1muu5yMr_MnwT5GnmQj6n_41pOJC-PT2NEGzhpTk3Gnmqw_Y0ZiS1c5BLqDCP3pDK_CnN0c7VpyKOSOkH7r2miLp_xuU23o1cAmA9cLIZPPOwikdWnfy8kv1h3VqIuDp2IXS48n0GG20P9JCA00V0uXcJlKJV-jRXc1eDEFGEmOa90kKlp7IdiLSyrsIFm89OT8RAoMzHtKQfi-QRNwjekV9wOjkK0uTXu6kg6hacZiKVvPpgp8jzBgsSuvBfs6nBbgjVTn5ZndY6_2e1mRXMKDrz5f0tNa_2hxg7gUt3Wqi-hP28SROw3rHoXCcD42VlI1rDGeLGGleP-XVGWwwR4qTfwd57sGwODH33luArkGwNbJXBNQmNAOz7IyvqIGDGT7BiSNUfP3HQMPevH5OmLtCaX3SwvrQwf68dyTteMbR-cSa8Eg8devzEPs7ADVJRjhHc10zABHZO_5DiruTRgeIUgqLskpn2D-lw5pfthE
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Nov 2020 06:12:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-8437618648230859&su=www.wednesdaymoon.net&doc=complete&pg_h=1944&pg_w=1600&pg_hs=1944&c=4&aa_c=0&av_h=100&av_w=630&av_a=45360&s=88&all_s=88&b=1137&all_b=1137&d=0.206&all_d=0.206&ard=0.058&all_ard=0.058&dt=d
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.wednesdaymoon.net/kzweb/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 10 Nov 2020 06:12:19 GMT
X-Content-Type-Options
nosniff
Server
cafe
Timing-Allow-Origin
*
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Content-Type
image/gif
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| trustedTypes function| openImageSizedWindow function| gtag object| dataLayer object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY object| adsbygoogle object| FB object| gapi object| ___jsl object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map number| google_lpabyc number| google_unique_id object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gadgets object| osapi object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUk_YUxH_a1dIS9tOWGsC8EYTV1mPFqG70IScbS0hBZCW1pj-GSQZpomq7ri
.wednesdaymoon.net/ Name: __gads
Value: ID=15ce0de64bee5e3b-22afff322db900b3:T=1604988736:RT=1604988736:S=ALNI_MZPS_-IrtRaevN_c3b69WzCFXfQNw
.wednesdaymoon.net/ Name: _gat_gtag_UA_6511840_1
Value: 1
.wednesdaymoon.net/ Name: _ga
Value: GA1.2.1821936839.1604988736
.www.wednesdaymoon.net/ Name: ARRAffinity
Value: e612113efd5a3bc2a37d3c37ec938a8670457693cd9195004d53278fa5317ac1
.wednesdaymoon.net/ Name: _gid
Value: GA1.2.1334905687.1604988736
www.wednesdaymoon.net/ Name: ASP.NET_SessionId
Value: 0jktpyue0ukyw5ulidfwlm0x

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
apis.google.com
connect.facebook.net
googleads.g.doubleclick.net
hbb.afl.rakuten.co.jp
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
thumbnail.image.rakuten.co.jp
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.wednesdaymoon.net
133.237.48.7
172.217.22.66
2a00:1450:4001:801::200e
2a00:1450:4001:802::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:818::2002
2a00:1450:4001:81a::200e
2a00:1450:4001:81f::2004
2a00:1450:4001:820::2008
2a00:1450:4001:824::200e
2a00:1450:400c:c00::9d
2a02:3d0:610:101:225:90ff:feed:b22a
2a03:2880:f01c:8012:face:b00c:0:3
52.165.220.33
043ad513962088d6770e9daca6c65bbf156b2f275a6d661ac7bef32c538d9219
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07a56f1d477f2e01b555ad30fc0be177a93e4d779a0621b034f4767925e02134
1e534be2c89e1f740aa5e337494a1c35fa2de8fa8d4d8e4748f403c167e83141
22f38713e3cb086adc05ce7b3f126b1a3c18d0bd120bafd17c85117de81741b8
28b366f9cd2a50987c2b744589a0a5f01fdd8289404083e88541ece6d35d861f
32f881c83315d585e36c1ad981af24a73ecb1f5ef51423ac15ae8720c74aa421
3b3b33fd39fa23effe3d69188ba1a1e41480ed0d594cc12a3a5535cea9a903f9
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6cc042bee80c97e0b1eb0146ff894aa5ba21432e08865a5f21d59db62749fa2e
7390e294b7a56bec5ac87e13f6df88bcc69b8b388183132974b01ee38f0ccf76
7957f1d4cb1e2ee2c8c24604c5178275d094ffa8e9ca4fa929ebe063ba50db48
7d240072f2c856d2032fd05cc8c5e74718b49ac94e90c8a2cafbb0add11e5315
7e4f9f6ee71390e8c95c46a3696e11a9aec25196c53a9bae364c36d945af6af5
83b82d7a2f5dc18e15f823faaed55b2319c86141136589fc8aa79238c3c58d67
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
889f453af72934454c95f498ff19257ea62018045fdd87d2337ae941bbeb136b
8f5c878755541e783c38ed68485acc514e989e992135c4ab40f25013f9d4ea08
8f83ec4847f74e502cf7cb88387326d770877897b977619c93327fc99b244bbd
962f2d62b7d268f71f95abeb7d103b099303c17bfae4b842cf674c2beb35cfa2
9c2e9e60301d70f6ef7a3379cd644c75fe482efd8233727e1277948a35c42bf6
9cfec4ee96714394080d5e8a9c5c78af92a43efd668d8cc6236381882fc2c788
9df3df6225cc885f180a61d25080d272da4add2fa5274fc116ec383ab388e82a
b8b4b9c7e21c68657ed1f3db05c8cd0334947bf030e8940dc2b83d1b6632a5f0
bb0834e9a00bf0d6290c46692eddb226c2ee79c82d28fea01d4c5ac28e4028ab
bc40351429e1fa867cc90cd8e7789a30f1388fc35dd7e974898d13ce83c2d157
cfea2546e37b0856821d2c3507dddec2a28281e5b313566f41672c491b9f01bf
cff413ae15be1bff0932e44515ae854f690daaae98df10290c8c0e0d4ba6d7ee
d278533e8015b48285df852d82d9d8497168e963f5fdf50c0b018b01b1e2e2a1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff9e96e103380443678c95bb5fea344afc0f35fcbc66ecaeec6d6821d6cff5e4