lincs2u.com Open in urlscan Pro
185.41.10.35 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lincs2u.com/
Submission Tags: phishingrod
Submission: On December 03 via api (December 3rd 2023, 1:29:47 am UTC) from DE — Scanned from GB

Summary HTTP 51 Redirects Links 46 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 51 HTTP transactions. The main IP is 185.41.10.35, located in United Kingdom and belongs to SUB6, GB. The main domain is lincs2u.com.
TLS certificate: Issued by R3 on December 3rd 2023. Valid for: 3 months.

This is the only time lincs2u.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	185.41.10.35 185.41.10.35	200083 (SUB6) (SUB6)
8	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2 10	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
4	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
51	8

14 185.41.10.35 (United Kingdom)

ASN200083 (SUB6, GB)
PTR: uk2.gbdir.net

lincs2u.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
linc2u.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	402 KB
13	lincs2u.com lincs2u.com	57 KB
10	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	85 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	128 KB
1	linc2u.com linc2u.com	4 KB
51	7

	Domain	Requested by
14	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	lincs2u.com	lincs2u.com
10	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
8	pagead2.googlesyndication.com	lincs2u.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
4	www.googleadservices.com	lincs2u.com
3	www.google.com	2 redirects tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
1	linc2u.com	lincs2u.com
51	8

This site contains links to these domains. Also see Links.

Domain
louthlincs.co.uk
linc2u.com

Subject Issuer	Validity	Valid
linc2u.com R3	`2023-12-03` - `2024-03-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://lincs2u.com/
Frame ID: 9C8E007C1A2BF49AAE2B3787DBBC2790
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: 0A95BA59DB96D6058F840B97B87CCC84
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2810111006495966&output=html&h=60&slotname=3325083669&adk=3653860310&adf=2422261944&pi=t.ma~as.3325083669&w=468&lmt=1701566982&format=468x60&url=https%3A%2F%2Flincs2u.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701566982599&bpp=3&bdt=215&idt=135&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&correlator=6106507759937&frm=20&pv=2&ga_vid=712815704.1701566983&ga_sid=1701566983&ga_hid=1695463742&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=211&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C44809317%2C31078297%2C44807764%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1912002086575629&tmod=1538986464&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=144
Frame ID: 7CAD2BC965F5B70D5AF6C3BBB13D9ED8
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2810111006495966&output=html&h=90&slotname=2932935525&adk=1133379702&adf=889735248&pi=t.ma~as.2932935525&w=728&lmt=1701566982&format=728x90&url=https%3A%2F%2Flincs2u.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701566982602&bpp=1&bdt=218&idt=146&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&correlator=6106507759937&frm=20&pv=1&ga_vid=712815704.1701566983&ga_sid=1701566983&ga_hid=1695463742&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=746&ady=1357&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C44809317%2C31078297%2C44807764%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1912002086575629&tmod=1538986464&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=148
Frame ID: B15204735470601E3461D16B7741B3AA
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2810111006495966&output=html&adk=1812271804&adf=3025194257&lmt=1701566982&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Flincs2u.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=1&asacwct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701566982895&bpp=1&bdt=512&idt=1&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C728x90&nras=1&correlator=6106507759937&frm=20&pv=1&ga_vid=712815704.1701566983&ga_sid=1701566983&ga_hid=1695463742&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C44809317%2C31078297%2C44807764%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1912002086575629&tmod=1538986464&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=7
Frame ID: E822A4DBCDA9F8DC04535D4DEC841E48
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9A93B13F58DABFF1F0B81DC73F17078F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D2B0F5FAF173F23F1049BFB25942BDBB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: EC33F6700FE25386430980813D1DA473
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 5042112E62EDF5A0546A3348D7A57D56
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C2EAC38B4C1EB784630ED49E23E97867
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 36F72D47D2B2FCD08F4DB3699BBE2542
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lincolnshire England and North East Lincs presented by Linc2u UK

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

51
Requests

96 %
HTTPS

71 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

677 kB
Transfer

1746 kB
Size

6
Cookies

46 Outgoing links

These are links going to different origins than the main page.

URL: https://louthlincs.co.uk/
Title: Louth

Search URL Search Domain Scan URL

URL: https://linc2u.com/scripts/mail/grimsby/
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://linc2u.com/

Search URL Search Domain Scan URL

URL: https://linc2u.com/rss/
Title: News Reader

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/accom.htm
Title: Accommodation

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/animal.htm
Title: Animals & Pets

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/bikes.htm
Title: Bikes

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/car.htm
Title: Cars / Car Dealer

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/charity.htm
Title: Charities

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/child.htm
Title: Children & Care

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/computer.htm
Title: Computers

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/educate.htm
Title: Education

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/entert.htm
Title: Entertainment

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/engineer.htm
Title: Engineering

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/estate.htm
Title: Estate_Agent

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/food.htm
Title: Food

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/furniture.htm
Title: Furniture

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/geneal.htm
Title: Genealogy

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/louth.htm
Title: Louth

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/garden.htm
Title: Gardens / Flowers

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/homeimp.htm
Title: Builders / Home Improvement

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/hobbies.htm
Title: Hobbies

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/local.htm
Title: Local Interest

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/media.htm
Title: Media

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/medical.htm
Title: Medical

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/music.htm
Title: Music

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/printer.htm
Title: Printers

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/profes.htm
Title: Professional Services

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/pubs.htm
Title: Public House

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/restaurant.htm
Title: Restaurants and Café

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/religion.htm
Title: Religion

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/services.htm
Title: Services

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/busines2.htm
Title: Business 2 Business Services

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/schools.htm
Title: Schools

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/shopping.htm
Title: Shopping

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/sport.htm
Title: Sport

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/angling.htm
Title: Angling

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/towns.htm
Title: Towns Nr Louth

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/travel.htm
Title: Travel

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/visual.htm
Title: Visual & Arts

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/webdesig.htm
Title: Web_Design

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/weddings.htm
Title: Weddings

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/xpepl.htm
Title: X Louth People

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/others.htm
Title: Others

Search URL Search Domain Scan URL

URL: https://louthlincs.co.uk/louth/sites/
Title: Louth

Search URL Search Domain Scan URL

URL: https://linc2u.com/privacy_policy.htm
Title: privacy policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 36

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 38

https://googleads.g.doubleclick.net/pagead/adview?ai=CIjMvBtprZeXkL-rLjuwPr_-zkAjd9e2odK3B5-r-EZHDiZuUDhABIPiW6AlglYKggrAHoAHn6PbRA8gBAqgDAcgDyQSqBPYBT9CQ-h1W8FHiCU-9O_da0fUjG16mLhmWvq40CaZqWaaJgLaH4FptXUXYhD6Rpi55KmaZ4s4zYpOz1wQjDxy37CQjA6yKaZ6UOLXgu_Mq6rYzIg0aAnZhMSArtYimJdniPLVWLJCUBdarBwZcVI85jrtZNz9_aEK3fPIoY-IoInpMEttYGASRtL9H0nB-DDUFLQdofM4ULmwbSr3YRBMvDezrvZtHVayQhDXyb-bHkJnK72g4pm3A0JH8km3hBqQn2YlSY9Snd26cjje5Glwgo2BpWYfsPK7eyJ-EUj8cOlVtJNji40UsncJKiN2838as93ruOoFPwATOnOG4ugSIBc-S8blNkgUECAQYAZIFBAgFGASgBgKAB4GXiS6oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCA9RjSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WPzhx_yO8oIDmglEaHR0cHM6Ly9yb2cuYXN1cy5jb20vZGUvZ2FtaW5nLWhhbmRoZWxkcy9yb2ctYWxseS9yb2ctYWxseS0yMDIzL3d0Yi-ACgHICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLYEw3QFQGAFwGyFxwKGggAEhRwdWItMjgxMDExMTAwNjQ5NTk2NhgA&sigh=zIjIPTc1850&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNbPoxRje9c0KowvAdM4eyVgvnbjeOsBUYwAilF38v9Ld3cSCNMlemyKwJcVaBXAqPiX0Lwsd_QTlV20h_yNEZcbQN5KqSLrQ-fRgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210025356458700598025%22,%22debug_reporting%22:true,%22destination%22:%22https://asus.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22977122407%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225425718233670555921%22}&andc=true

Request Chain 40

https://googleads.g.doubleclick.net/pagead/adview?ai=C-Z0LBtprZYevL8OpjuwPvOOp4AnzoeG9dO_BydjUEuiqtpWLAxABIPiW6AlglYKggrAHoAGSmav8AsgBAqgDAcgDyQSqBPIBT9AS_wypQ5nime9x16aYeICF-hVoj-RIasf97_DbubRZu_7hcTApZAmv7IDjwbrFQiJrf7uVgt70UJH2Q2FKz7_q-6n86H7hjcCbH3E13vkN4ucWd5aCdMrCVsR9rVkFX685BpmclkeFYlIfM0wFDT8fXeZv4SismV6Q7YYCL_hNqHPvIHQ-UefIsdiObuxZ55gjpD1MJ_KlXF48pPnBQqwLiJYI3KngFHjs9KvQSl7YKuBqJBllSPJJiOm3Q1bNDlGC_7yW_QX6i3K2wVOLMYCQzysxuB2tRJ0zVIvTHSZYN3dNg1h1m7Z8e00hk7YvLNXABKH1-NLBBIgF9KP5sE2SBQQIBBgBkgUECAUYBKAGAoAH1ubUgwGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBRDS8JcC0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliSrcf8jvKCA5oJ0gFodHRwczovL2dvLmNyb3dkc3RyaWtlLmNvbS9jbG91ZC1yaXNrLXJlcG9ydC0yMDIzLWRlLmh0bWw_dXRtX3NvdXJjZT1nb29nJnV0bV9tZWRpdW09ZGlzJnV0bV9jYW1wYWlnbj1jbG91ZHNlY3VyaXR5JnV0bV90ZXJtPXBzcF9pbV9pdGRtJnV0bV9jb250ZW50PWZ1bmQtbGFxdS1kZS14LXNfaW1nLWRhY2gtcHNwLWl0ZG0td2h0LWNsb2RfcnNrX3YxX3gtNzI4eDkwLXiACgHICwGiDBAqDgoM5LSxAu61sQK1uLEC2BMN0BUBmBYBgBcBshccChoIABIUcHViLTI4MTAxMTEwMDY0OTU5NjYYAA&sigh=S8Qh4Cwzyhw&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNJD-3wT4uOE3uQcb0DFJcsXgwdPvOCA6D6hFedRyZFyY4UEzWz2Jjinf9illXS-F3Su7Qo-xIgsFZkBIZ5RSKQyssu-a6TdPNvcwYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22101983724504278603%22,%22debug_reporting%22:true,%22destination%22:%22https://crowdstrike.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22797625490%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226679801824453202545%22}&andc=true

51 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
lincs2u.com/ 26 KB
6 KB 4303ms
1476ms Document
text/html 185.41.10.35
SUB6

General

Check archive.org

Show headers Download Go to

Full URL

https://lincs2u.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.41.10.35 , United Kingdom, ASN200083 (SUB6, GB),

Reverse DNS

uk2.gbdir.net

Software

Apache /

Resource Hash

79ebe992b8a09125e4738ecd06f5165926dcb050e8152eb6288bb020f725b1c6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 5430
Content-Security-Policy: upgrade-insecure-requests;
Content-Type: text/html
Date: Sun, 03 Dec 2023 01:29:40 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK linc2u.css
lincs2u.com/css/ 4 KB
1 KB 61ms
60ms Stylesheet
text/css 185.41.10.35
SUB6

General

Check archive.org

Show headers Download Go to

Full URL

https://lincs2u.com/css/linc2u.css

Requested by

Host: lincs2u.com
URL: https://lincs2u.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.41.10.35 , United Kingdom, ASN200083 (SUB6, GB),

Reverse DNS

uk2.gbdir.net

Software

Apache /

Resource Hash

aa0473d1aa346eacc5f778d488b3eeae3f1402f62d6e6fe4ad2aa1cf791890a6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lincs2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 01:29:42 GMT
Content-Security-Policy: upgrade-insecure-requests;
Content-Encoding: gzip
Last-Modified: Wed, 20 Nov 2019 13:48:49 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 905
Expires: Sat, 20 Aug 2015 20:00:00 GMT

GET
H/1.1 200
OK linc.png
lincs2u.com/art/ 7 KB
8 KB 112ms
50ms Image
image/png 185.41.10.35
SUB6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lincs2u.com/art/linc.png

Requested by

Host: lincs2u.com
URL: https://lincs2u.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.41.10.35 , United Kingdom, ASN200083 (SUB6, GB),

Reverse DNS

uk2.gbdir.net

Software

Apache /

Resource Hash

432d370e9e05c983f4f2ef24a7c8def1a083f4f73c356ddd80a8d30750e946a7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lincs2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 01:29:42 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Thu, 03 Apr 2014 15:47:37 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 7488
Expires: Sat, 20 Aug 2015 20:00:00 GMT

GET
H/1.1 200
OK linclincs.png
lincs2u.com/art/ 2 KB
3 KB 393ms
37ms Image
image/png 185.41.10.35
SUB6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lincs2u.com/art/linclincs.png

Requested by

Host: lincs2u.com
URL: https://lincs2u.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.41.10.35 , United Kingdom, ASN200083 (SUB6, GB),

Reverse DNS

uk2.gbdir.net

Software

Apache /

Resource Hash

e028ff4db8ecb85088fa65e634873bd9204f9d862f4ba8b65003676913ae168f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lincs2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 01:29:42 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Thu, 03 Apr 2014 15:44:27 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 2259
Expires: Sat, 20 Aug 2015 20:00:00 GMT

GET
H/1.1 200
OK leftbg.gif
lincs2u.com/art/ 329 B
663 B 544ms
37ms Image
image/gif 185.41.10.35
SUB6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lincs2u.com/art/leftbg.gif

Requested by

Host: lincs2u.com
URL: https://lincs2u.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.41.10.35 , United Kingdom, ASN200083 (SUB6, GB),

Reverse DNS

uk2.gbdir.net

Software

Apache /

Resource Hash

75055f7e9998d342210fae0dfa6fdd16c14c76e805ad98e54fe33abab195fb4f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lincs2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 01:29:42 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Mon, 04 Jan 2010 13:41:13 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 329
Expires: Sat, 20 Aug 2015 20:00:00 GMT

GET
H/1.1 200
OK red_block.gif
lincs2u.com/art/ 96 B
429 B 522ms
37ms Image
image/gif 185.41.10.35
SUB6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lincs2u.com/art/red_block.gif

Requested by

Host: lincs2u.com
URL: https://lincs2u.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.41.10.35 , United Kingdom, ASN200083 (SUB6, GB),

Reverse DNS

uk2.gbdir.net

Software

Apache /

Resource Hash

3b1fc4e3e9840f6820452f9bd6c27bc47aede1b7e42539b677b8a02e767771b6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lincs2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 01:29:42 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Tue, 14 Feb 2006 11:52:02 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 96
Expires: Sat, 20 Aug 2015 20:00:00 GMT

GET
H/1.1 200
OK gyslink.gif
lincs2u.com/art/ 495 B
829 B 251ms
40ms Image
image/gif 185.41.10.35
SUB6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lincs2u.com/art/gyslink.gif

Requested by

Host: lincs2u.com
URL: https://lincs2u.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.41.10.35 , United Kingdom, ASN200083 (SUB6, GB),

Reverse DNS

uk2.gbdir.net

Software

Apache /

Resource Hash

7e5a00a48384832e0ff405faca97769434ae2bde14ae7f2169363fbcfbfc174f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lincs2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 01:29:42 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Tue, 14 Feb 2006 11:51:43 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 495
Expires: Sat, 20 Aug 2015 20:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 138ms
55ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: lincs2u.com
URL: https://lincs2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76738293ad487a8667b4c07da3bda9d70f9f9beba595da2179e9e2ff89bf569c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lincs2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:29:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52613
x-xss-protection: 0
server: cafe
etag: 10751902124888226157
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:29:42 GMT

GET
H/1.1 200
OK linc2u.gif
lincs2u.com/art/ 1 KB
2 KB 277ms
37ms Image
image/gif 185.41.10.35
SUB6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lincs2u.com/art/linc2u.gif

Requested by

Host: lincs2u.com
URL: https://lincs2u.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.41.10.35 , United Kingdom, ASN200083 (SUB6, GB),

Reverse DNS

uk2.gbdir.net

Software

Apache /

Resource Hash

25056b7d6241250c24c647635980fd962105e052366c1cdd30446e3d2a15faad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lincs2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 01:29:42 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Tue, 14 Feb 2006 11:51:46 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 1246
Expires: Sat, 20 Aug 2015 20:00:00 GMT

GET
H/1.1 200
OK aspeech.gif
linc2u.com/apix/ 3 KB
4 KB 4128ms
63ms Image
image/gif 185.41.10.35
SUB6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://linc2u.com/apix/aspeech.gif

Requested by

Host: lincs2u.com
URL: https://lincs2u.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.41.10.35 , United Kingdom, ASN200083 (SUB6, GB),

Reverse DNS

uk2.gbdir.net

Software

Apache /

Resource Hash

174d9b2646668d23390b79772125c963c6aeff18e049ab161490e739e1927e2f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lincs2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 01:29:46 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Tue, 23 Nov 2010 09:14:45 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3387
Expires: Sat, 20 Aug 2015 20:00:00 GMT

GET
H/1.1 200
OK jquery.min.js Show response
lincs2u.com/css/js/ 89 KB
32 KB 436ms
43ms Script
application/javascript 185.41.10.35
SUB6

General

Check archive.org

Show headers Download Go to

Full URL

https://lincs2u.com/css/js/jquery.min.js

Requested by

Host: lincs2u.com
URL: https://lincs2u.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.41.10.35 , United Kingdom, ASN200083 (SUB6, GB),

Reverse DNS

uk2.gbdir.net

Software

Apache /

Resource Hash

0b54c1cf7d5f554b38d4767cbd6321bef047adb0b94db961876e17a28d67956e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lincs2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 01:29:42 GMT
Content-Security-Policy: upgrade-insecure-requests;
Content-Encoding: gzip
Last-Modified: Thu, 24 Oct 2019 20:26:50 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 32013
Expires: Sat, 20 Aug 2015 20:00:00 GMT

GET
H/1.1 200
OK cookies6.js Show response
lincs2u.com/css/js/ 5 KB
2 KB 506ms
38ms Script
application/javascript 185.41.10.35
SUB6

General

Check archive.org

Show headers Download Go to

Full URL

https://lincs2u.com/css/js/cookies6.js

Requested by

Host: lincs2u.com
URL: https://lincs2u.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.41.10.35 , United Kingdom, ASN200083 (SUB6, GB),

Reverse DNS

uk2.gbdir.net

Software

Apache /

Resource Hash

8126c2f283bbcaf56870acab1463332f13371430af3b90feeeaf21ebaa74d5dc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lincs2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 01:29:42 GMT
Content-Security-Policy: upgrade-insecure-requests;
Content-Encoding: gzip
Last-Modified: Wed, 20 Nov 2019 12:31:51 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 2156
Expires: Sat, 20 Aug 2015 20:00:00 GMT

GET
H/1.1 200
OK pagebg.gif
lincs2u.com/art/ 99 B
432 B 106ms
59ms Image
image/gif 185.41.10.35
SUB6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lincs2u.com/art/pagebg.gif

Requested by

Host: lincs2u.com
URL: https://lincs2u.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.41.10.35 , United Kingdom, ASN200083 (SUB6, GB),

Reverse DNS

uk2.gbdir.net

Software

Apache /

Resource Hash

cdf5798e06ee242d3545be1c992a4a02d5f89d0a9e3fbe2c75cbf85c1ddf471b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lincs2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 01:29:42 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Mon, 22 Oct 2001 23:11:12 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 99
Expires: Sat, 20 Aug 2015 20:00:00 GMT

GET
H/1.1 200
OK topbg.png
lincs2u.com/art/ 912 B
1 KB 169ms
61ms Image
image/png 185.41.10.35
SUB6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lincs2u.com/art/topbg.png

Requested by

Host: lincs2u.com
URL: https://lincs2u.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.41.10.35 , United Kingdom, ASN200083 (SUB6, GB),

Reverse DNS

uk2.gbdir.net

Software

Apache /

Resource Hash

6bb2cab98aa4d50334a6cd6166442d47a1c97d774cd9d48fe0c4ba01814254d0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lincs2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 01:29:42 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Mon, 07 Apr 2014 08:45:40 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 912
Expires: Sat, 20 Aug 2015 20:00:00 GMT

GET
H/1.1 200
OK topbgr.gif
lincs2u.com/art/ 718 B
1 KB 210ms
41ms Image
image/gif 185.41.10.35
SUB6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lincs2u.com/art/topbgr.gif

Requested by

Host: lincs2u.com
URL: https://lincs2u.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.41.10.35 , United Kingdom, ASN200083 (SUB6, GB),

Reverse DNS

uk2.gbdir.net

Software

Apache /

Resource Hash

35fcd1ae0f43207035d5413cf1b0ae5b7332a03be050e4b6121a19ae2574d0a6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lincs2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 01:29:42 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Mon, 22 Oct 2001 13:54:14 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 718
Expires: Sat, 20 Aug 2015 20:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
134 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2810111006495966&plah=lincs2u.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e1d9e575bca42576a7aa2e8c3ff8d91899c126f2f12af8ac02dc6a8e6b8ffe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lincs2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:29:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137282
x-xss-protection: 0
server: cafe
etag: 7757471749725251761
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:29:42 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame 0A95 9 KB
4 KB 123ms
38ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lincs2u.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 16213
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 20:59:29 GMT
etag: 12051592065903069241
expires: Sat, 16 Dec 2023 20:59:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7CAD 103 KB
39 KB 458ms
457ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2810111006495966&output=html&h=60&slotname=3325083669&adk=3653860310&adf=2422261944&pi=t.ma~as.3325083669&w=468&lmt=1701566982&format=468x60&url=https%3A%2F%2Flincs2u.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701566982599&bpp=3&bdt=215&idt=135&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&correlator=6106507759937&frm=20&pv=2&ga_vid=712815704.1701566983&ga_sid=1701566983&ga_hid=1695463742&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=211&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C44809317%2C31078297%2C44807764%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1912002086575629&tmod=1538986464&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=144

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2810111006495966&plah=lincs2u.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64340c7fb518918d68790c0b6d337a17f8b2cfaf2c7c21505979c296e38bcf0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lincs2u.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39249
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:29:43 GMT
expires: Sun, 03 Dec 2023 01:29:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B152 120 KB
42 KB 321ms
320ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2810111006495966&output=html&h=90&slotname=2932935525&adk=1133379702&adf=889735248&pi=t.ma~as.2932935525&w=728&lmt=1701566982&format=728x90&url=https%3A%2F%2Flincs2u.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701566982602&bpp=1&bdt=218&idt=146&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&correlator=6106507759937&frm=20&pv=1&ga_vid=712815704.1701566983&ga_sid=1701566983&ga_hid=1695463742&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=746&ady=1357&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C44809317%2C31078297%2C44807764%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1912002086575629&tmod=1538986464&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=148

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dbda1c1efb8f89e62c93235f637349fe972076695eb1fddcd30b7acad9a64e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lincs2u.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42490
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:29:43 GMT
expires: Sun, 03 Dec 2023 01:29:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E822 0
19 B 48ms
48ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2810111006495966&output=html&adk=1812271804&adf=3025194257&lmt=1701566982&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Flincs2u.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=1&asacwct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701566982895&bpp=1&bdt=512&idt=1&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C728x90&nras=1&correlator=6106507759937&frm=20&pv=1&ga_vid=712815704.1701566983&ga_sid=1701566983&ga_hid=1695463742&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C44809317%2C31078297%2C44807764%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1912002086575629&tmod=1538986464&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lincs2u.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:29:42 GMT
expires: Sun, 03 Dec 2023 01:29:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 14956804228448261087
tpc.googlesyndication.com/simgad/ Frame B152 37 KB
37 KB 173ms
87ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14956804228448261087?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnUqTPE6tmApwrgPW5GnO3KIIkSZw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2810111006495966&output=html&h=90&slotname=2932935525&adk=1133379702&adf=889735248&pi=t.ma~as.2932935525&w=728&lmt=1701566982&format=728x90&url=https%3A%2F%2Flincs2u.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701566982602&bpp=1&bdt=218&idt=146&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&correlator=6106507759937&frm=20&pv=1&ga_vid=712815704.1701566983&ga_sid=1701566983&ga_hid=1695463742&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=746&ady=1357&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C44809317%2C31078297%2C44807764%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1912002086575629&tmod=1538986464&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=148

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7fa044e954f4d3dd174f26ec50a26567d51d91232ddbbd57107d9dbeec1d124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 02:11:57 GMT
x-content-type-options: nosniff
age: 170266
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37891
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 07:56:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Nov 2024 02:11:57 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame B152 24 KB
9 KB 124ms
44ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9A93 143 B
166 B 38ms
38ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2810111006495966&output=html&h=90&slotname=2932935525&adk=1133379702&adf=889735248&pi=t.ma~as.2932935525&w=728&lmt=1701566982&format=728x90&url=https%3A%2F%2Flincs2u.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701566982602&bpp=1&bdt=218&idt=146&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&correlator=6106507759937&frm=20&pv=1&ga_vid=712815704.1701566983&ga_sid=1701566983&ga_hid=1695463742&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=746&ady=1357&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C44809317%2C31078297%2C44807764%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1912002086575629&tmod=1538986464&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=148
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 3488
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 00:31:35 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame B152 225 B
355 B 122ms
43ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 04:32:33 GMT
x-content-type-options: nosniff
server: cafe
age: 75430
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Sun, 03 Dec 2023 04:32:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame B152 3 KB
1 KB 128ms
51ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11526
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:17:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame B152 20 KB
9 KB 115ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B152 202 KB
64 KB 131ms
49ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:29:43 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame B152 36 KB
15 KB 139ms
76ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
server: cafe
etag: 13719831398043079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 11:56:04 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9A93
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

53ms
53ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:29:43 GMT
expires: Sun, 03 Dec 2023 01:29:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:29:43 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6954319569493384360
tpc.googlesyndication.com/simgad/ Frame 7CAD 34 KB
34 KB 79ms
79ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6954319569493384360?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlfjtB1PlDULMRFVZ7w5JPmsGwTfA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2810111006495966&output=html&h=60&slotname=3325083669&adk=3653860310&adf=2422261944&pi=t.ma~as.3325083669&w=468&lmt=1701566982&format=468x60&url=https%3A%2F%2Flincs2u.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701566982599&bpp=3&bdt=215&idt=135&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&correlator=6106507759937&frm=20&pv=2&ga_vid=712815704.1701566983&ga_sid=1701566983&ga_hid=1695463742&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=211&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C44809317%2C31078297%2C44807764%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1912002086575629&tmod=1538986464&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=144

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fae08605c018a5b2d4074a2410a31cd1e21bb6197b2f37100dbb5840713691f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 15:33:11 GMT
x-content-type-options: nosniff
age: 208592
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34720
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 15:29:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Nov 2024 15:33:11 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 7CAD 24 KB
9 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D2B0 143 B
166 B 38ms
38ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2810111006495966&output=html&h=60&slotname=3325083669&adk=3653860310&adf=2422261944&pi=t.ma~as.3325083669&w=468&lmt=1701566982&format=468x60&url=https%3A%2F%2Flincs2u.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701566982599&bpp=3&bdt=215&idt=135&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&correlator=6106507759937&frm=20&pv=2&ga_vid=712815704.1701566983&ga_sid=1701566983&ga_hid=1695463742&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=211&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C44809317%2C31078297%2C44807764%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1912002086575629&tmod=1538986464&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=144
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 3488
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 00:31:35 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 7CAD 3 KB
1 KB 96ms
96ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11526
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:17:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 7CAD 20 KB
8 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7CAD 202 KB
64 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:29:43 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 7CAD 36 KB
14 KB 97ms
97ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
server: cafe
etag: 13719831398043079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 11:56:04 GMT

GET
DATA 200
OK truncated
/ Frame B152 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82d9a11bafef6801b54df76588f7ced6aeb874743565ab9a28bcbc5fadc06549

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D2B0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

46ms
46ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:29:43 GMT
expires: Sun, 03 Dec 2023 01:29:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:29:43 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7CAD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23350698c544e9699875588d9e6f01f5e99f5a287fb9c1657f533441bef3762a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B152
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CIjMvBtprZeXkL-rLjuwPr_-zkAjd9e2odK3B5-r-EZHDiZuUDhABIPiW6AlglYKggrAHoAHn6PbRA8gBAqgDAcgDyQSqBPYBT9CQ-h1W8FHiCU-9O_da0fUjG16mLhmWvq40CaZqWaaJgLa...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210025356458700598025%22,%22debug_reporting%22:true,%22destination%22:%22https://asus.com%22,%22event_report_window%22:%222...

0
0

154ms
74ms

Fetch
text/css

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210025356458700598025%22,%22debug_reporting%22:true,%22destination%22:%22https://asus.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22977122407%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225425718233670555921%22}&andc=true

Requested by

Host: lincs2u.com
URL: https://lincs2u.com/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:29:43 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10025356458700598025","debug_reporting":true,"destination":"https://asus.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["977122407"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"5425718233670555921"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 03 Dec 2023 01:29:43 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Dec 2023 01:29:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10025356458700598025","debug_reporting":true,"destination":"https://asus.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["977122407"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"5425718233670555921"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame EC33 51 KB
19 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:03:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 278781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:03:22 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 7CAD
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C-Z0LBtprZYevL8OpjuwPvOOp4AnzoeG9dO_BydjUEuiqtpWLAxABIPiW6AlglYKggrAHoAGSmav8AsgBAqgDAcgDyQSqBPIBT9AS_wypQ5nime9x16aYeICF-hVoj-RIasf97_DbubRZu_7...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22101983724504278603%22,%22debug_reporting%22:true,%22destination%22:%22https://crowdstrike.com%22,%22event_report_window%22...

0
0

154ms
74ms

Fetch
text/css

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22101983724504278603%22,%22debug_reporting%22:true,%22destination%22:%22https://crowdstrike.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22797625490%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226679801824453202545%22}&andc=true

Requested by

Host: lincs2u.com
URL: https://lincs2u.com/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:29:43 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"101983724504278603","debug_reporting":true,"destination":"https://crowdstrike.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["797625490"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"6679801824453202545"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 03 Dec 2023 01:29:43 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Dec 2023 01:29:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"101983724504278603","debug_reporting":true,"destination":"https://crowdstrike.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["797625490"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"6679801824453202545"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame 5042 51 KB
19 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:03:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 278781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:03:22 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 171ms
73ms Preflight
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 01:29:43 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 137ms
72ms Preflight
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 01:29:43 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7CAD 42 B
64 B 151ms
74ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMXfeIg6wOpyNdOblA656vXzLVUN93aTxkL9rx4T4N39PsisFoBUWeXZ1z-uMepkpZtYHjRqs2Jb4O-Bu01jazXs7oN32Lwm7ElPpgrgpbCQLzgBh3-DzIdJAU0OV3BZL3Lr_e4N1kqVpl&sai=AMfl-YTdPGh70VEl-j-GQgHTGLJ4tCBBx5bZQXagvndnavskVU8e8-GOJSI1JNI5CZItiR7D5GAUNJ3dn9VwoZmIE8A_3Rr7OYY5E8-t_OPq0m85sYE2aPu1ZNrU0uvD01UGE2vVvT9W23JikAoFGsT0Y-gXDoMea0e-_OlL&sig=Cg0ArKJSzLSnSfydqXKIEAE&cid=CAQSTwDICaaNJD-3wT4uOE3uQcb0DFJcsXgwdPvOCA6D6hFedRyZFyY4UEzWz2Jjinf9illXS-F3Su7Qo-xIgsFZkBIZ5RSKQyssu-a6TdPNvcwYAQ&id=lidar2&mcvt=1000&p=0,0,58,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3653860310&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701566982745&rpt=617&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:29:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 59ms
58ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

205a952f86a3a4e5836d0d8c4078ccffb30a63399851d6ee6bd2f51314505af8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lincs2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:29:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12353
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lincs2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:29:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 01:29:46 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C2EA 13 KB
5 KB 38ms
38ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lincs2u.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 28551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:33:55 GMT
expires: Sun, 01 Dec 2024 17:33:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 36F7 829 B
996 B 50ms
50ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a019463c41cb68b1c07440a283ba4c184131b5f4f1162ac0236b4073cef292bf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RPQogR-FMRZl0hxjgmCcDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lincs2u.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-RPQogR-FMRZl0hxjgmCcDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:29:46 GMT
expires: Sun, 03 Dec 2023 01:29:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame C2EA 39 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:12:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 22:12:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 36F7 0
0 71ms
71ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=1912002086575629&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C2EA 0
10 B 38ms
37ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KTXYZg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:29:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lincs2u.com/	1970-01-20 16:40:53	Name: cookiesDisclosureCount Value: 1
.lincs2u.com/	1970-01-21 02:01:02	Name: __gads Value: ID=6d1f8b583b71a71f:T=1701566982:RT=1701566982:S=ALNI_Matjsnq4IxtkQM64Y8gvvwIqIUUBA
.lincs2u.com/	1970-01-21 02:01:02	Name: __gpi Value: UID=00000d01bc8d9cd5:T=1701566982:RT=1701566982:S=ALNI_MaEI-cdI6EeuuaC8GVxUft0ihIi2A
.doubleclick.net/	1970-01-20 16:39:30	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 02:01:02	Name: IDE Value: AHWqTUmhsx8do1M9LZzbnqkdvb1K6D73NYbsybAdvHG21YeE0cK32wbZoGpfz9RqFSs
.googleadservices.com/	1970-01-20 18:49:02	Name: ar_debug Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
linc2u.com
lincs2u.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
172.217.18.2
185.41.10.35
2a00:1450:4001:809::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2002
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b54c1cf7d5f554b38d4767cbd6321bef047adb0b94db961876e17a28d67956e
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
174d9b2646668d23390b79772125c963c6aeff18e049ab161490e739e1927e2f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1dbda1c1efb8f89e62c93235f637349fe972076695eb1fddcd30b7acad9a64e4
1e1d9e575bca42576a7aa2e8c3ff8d91899c126f2f12af8ac02dc6a8e6b8ffe2
205a952f86a3a4e5836d0d8c4078ccffb30a63399851d6ee6bd2f51314505af8
23350698c544e9699875588d9e6f01f5e99f5a287fb9c1657f533441bef3762a
25056b7d6241250c24c647635980fd962105e052366c1cdd30446e3d2a15faad
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35fcd1ae0f43207035d5413cf1b0ae5b7332a03be050e4b6121a19ae2574d0a6
3b1fc4e3e9840f6820452f9bd6c27bc47aede1b7e42539b677b8a02e767771b6
432d370e9e05c983f4f2ef24a7c8def1a083f4f73c356ddd80a8d30750e946a7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64340c7fb518918d68790c0b6d337a17f8b2cfaf2c7c21505979c296e38bcf0c
6bb2cab98aa4d50334a6cd6166442d47a1c97d774cd9d48fe0c4ba01814254d0
75055f7e9998d342210fae0dfa6fdd16c14c76e805ad98e54fe33abab195fb4f
76738293ad487a8667b4c07da3bda9d70f9f9beba595da2179e9e2ff89bf569c
79ebe992b8a09125e4738ecd06f5165926dcb050e8152eb6288bb020f725b1c6
7e5a00a48384832e0ff405faca97769434ae2bde14ae7f2169363fbcfbfc174f
7fae08605c018a5b2d4074a2410a31cd1e21bb6197b2f37100dbb5840713691f
8126c2f283bbcaf56870acab1463332f13371430af3b90feeeaf21ebaa74d5dc
82d9a11bafef6801b54df76588f7ced6aeb874743565ab9a28bcbc5fadc06549
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a019463c41cb68b1c07440a283ba4c184131b5f4f1162ac0236b4073cef292bf
a7fa044e954f4d3dd174f26ec50a26567d51d91232ddbbd57107d9dbeec1d124
aa0473d1aa346eacc5f778d488b3eeae3f1402f62d6e6fe4ad2aa1cf791890a6
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059
cdf5798e06ee242d3545be1c992a4a02d5f89d0a9e3fbe2c75cbf85c1ddf471b
e028ff4db8ecb85088fa65e634873bd9204f9d862f4ba8b65003676913ae168f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

lincs2u.com Open in urlscan Pro 185.41.10.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

51 Requests

96 %HTTPS

71 %IPv6

7 Domains

8 Subdomains

8 IPs

3 Countries

677 kBTransfer

1746 kBSize

6 Cookies

46 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

lincs2u.com Open in urlscan Pro
185.41.10.35 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

96 %
HTTPS

71 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

677 kB
Transfer

1746 kB
Size

6
Cookies

51 HTTP transactions
2 data transactions