urlscan.io logo urlscan.io
SecurityTrails logo

kevan.org Open in urlscan Pro
94.76.250.83  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://kevan.org/jh/ayaan1
Effective URL: https://kevan.org/johari?name=ayaan1
Submission: On March 06 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 9 domains to perform 31 HTTP transactions. The main IP is 94.76.250.83, located in United Kingdom and belongs to SIMPLYTRANSIT, GB. The main domain is kevan.org.
TLS certificate: Issued by R3 on January 8th 2021. Valid for: 3 months.
This is the only time kevan.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    94.76.250.83 (United Kingdom)

ASN29550 (SIMPLYTRANSIT, GB)
PTR: dux.kevan.org
kevan.org
7    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Domain Requested by
7 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 pagead2.googlesyndication.com kevan.org
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 kevan.org 2 redirects kevan.org
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
1 www.google.com 1 redirects
1 www.gstatic.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
31 12

This site contains no links.

Subject Issuer Validity Valid
kevan.org
R3		 2021-01-08 -
2021-04-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://kevan.org/johari?name=ayaan1
Frame ID: 903E185B6A181585E5457CCD6627F85E
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/zrt_lookup.html
Frame ID: A74D75917848536BF6F7D9A025FC4CA3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5716051263111352&output=html&h=280&slotname=8849476337&adk=1877834308&adf=854766408&pi=t.ma~as.8849476337&w=1200&fwrn=4&fwrnh=100&lmt=1615001974&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkevan.org%2Fjohari%3Fname%3Dayaan1&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615001974393&bpp=15&bdt=188&idt=101&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5783974773405&frm=20&pv=2&ga_vid=1504261992.1615001975&ga_sid=1615001975&ga_hid=2087062943&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44735931%2C44736377%2C44737562%2C21068084&oid=3&pvsid=2407775725517575&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QFd3o2apB3&p=https%3A//kevan.org&dtd=119
Frame ID: 33B891A7E56B38AA3135AD94C9263E86
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5716051263111352&output=html&adk=1812271804&adf=3025194257&lmt=1615001974&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkevan.org%2Fjohari%3Fname%3Dayaan1&ea=0&flash=0&pra=7&wgl=1&dt=1615001974408&bpp=3&bdt=202&idt=114&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=5783974773405&frm=20&pv=1&ga_vid=1504261992.1615001975&ga_sid=1615001975&ga_hid=2087062943&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44735931%2C44736377%2C44737562%2C21068084&oid=3&pvsid=2407775725517575&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=119
Frame ID: E685DB6B5117619E661B1E9EE3318DE1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 19DCAA11E98456F797231C6D1FEF5E9C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Frame ID: 4C5FBA94B100AC800D9C97D961F8264B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: B2DA93854E98E3A3CC5392B236CB08CF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://kevan.org/jh/ayaan1 HTTP 301
    https://kevan.org/jh/ayaan1 HTTP 301
    https://kevan.org/johari?name=ayaan1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

31
Requests

100 %
HTTPS

85 %
IPv6

9
Domains

12
Subdomains

13
IPs

3
Countries

338 kB
Transfer

812 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kevan.org/jh/ayaan1 HTTP 301
    https://kevan.org/jh/ayaan1 HTTP 301
    https://kevan.org/johari?name=ayaan1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request johari
kevan.org/
Redirect Chain
  • http://kevan.org/jh/ayaan1
  • https://kevan.org/jh/ayaan1
  • https://kevan.org/johari?name=ayaan1
7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kevan.org/johari?name=ayaan1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.76.250.83 , United Kingdom, ASN29550 (SIMPLYTRANSIT, GB),
Reverse DNS
dux.kevan.org
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ea4787767476c90e251209fa89605cd7baaa00685c51e93cf37c5fc3ea4bfbb8

Request headers

Host
kevan.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 06 Mar 2021 03:39:34 GMT
Server
Apache/2.2.15 (CentOS)
Content-Type
text/html; charset=UTF-8
Content-Language
cgi
Connection
close
Transfer-Encoding
chunked

Redirect headers

Date
Sat, 06 Mar 2021 03:39:34 GMT
Server
Apache/2.2.15 (CentOS)
Location
https://kevan.org/johari?name=ayaan1
Content-Length
244
Connection
close
Content-Type
text/html; charset=iso-8859-1
johari.css
kevan.org/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kevan.org/css/johari.css
Requested by
Host: kevan.org
URL: https://kevan.org/johari?name=ayaan1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.76.250.83 , United Kingdom, ASN29550 (SIMPLYTRANSIT, GB),
Reverse DNS
dux.kevan.org
Software
Apache/2.2.15 (CentOS) /
Resource Hash
736b83ccda4d019253a77daf5d89bf8d7144a5c15851c6d822bbfedd95f1f125

Request headers

Referer
https://kevan.org/johari?name=ayaan1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 06 Mar 2021 03:39:34 GMT
Last-Modified
Tue, 10 Jan 2017 10:56:42 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"9eeb4a-682-545bb56dbce80"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
1666
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		140 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: kevan.org
URL: https://kevan.org/johari?name=ayaan1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b9b5737c8859fa4566da81b0d34c3084f0d83ee7dc2ac8afab3c4ed45685d9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kevan.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 03:39:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50479
x-xss-protection
0
server
cafe
etag
13215137272821469477
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 06 Mar 2021 03:39:34 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/ 		227 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5716051263111352&plah=kevan.org&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kevan.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 03:39:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87278
x-xss-protection
0
server
cafe
etag
4389487008424739880
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 06 Mar 2021 03:39:34 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/ Frame A74D 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210303/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kevan.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://kevan.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 05 Mar 2021 21:27:47 GMT
expires
Fri, 19 Mar 2021 21:27:47 GMT
content-type
text/html; charset=UTF-8
etag
14371272352318978350
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
5136
x-xss-protection
0
age
22307
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		199 B
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=kevan.org&callback=_gfp_s_&client=ca-pub-5716051263111352
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5716051263111352&plah=kevan.org&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
a74a1e2dc1a55957c99768a0693eb92020046baab1a5ade0130cd493b4f84b73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kevan.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 03:39:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
190
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=kevan.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5716051263111352&plah=kevan.org&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kevan.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 06 Mar 2021 03:39:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kevan.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5716051263111352&plah=kevan.org&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kevan.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 06 Mar 2021 03:39:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 33B8 		60 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5716051263111352&output=html&h=280&slotname=8849476337&adk=1877834308&adf=854766408&pi=t.ma~as.8849476337&w=1200&fwrn=4&fwrnh=100&lmt=1615001974&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkevan.org%2Fjohari%3Fname%3Dayaan1&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615001974393&bpp=15&bdt=188&idt=101&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5783974773405&frm=20&pv=2&ga_vid=1504261992.1615001975&ga_sid=1615001975&ga_hid=2087062943&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44735931%2C44736377%2C44737562%2C21068084&oid=3&pvsid=2407775725517575&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QFd3o2apB3&p=https%3A//kevan.org&dtd=119
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5716051263111352&plah=kevan.org&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cdee483c254a440b0c43dd9ee1aad2ae002803ce67b7a7cf9c27e380ef494cf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5716051263111352&output=html&h=280&slotname=8849476337&adk=1877834308&adf=854766408&pi=t.ma~as.8849476337&w=1200&fwrn=4&fwrnh=100&lmt=1615001974&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkevan.org%2Fjohari%3Fname%3Dayaan1&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615001974393&bpp=15&bdt=188&idt=101&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5783974773405&frm=20&pv=2&ga_vid=1504261992.1615001975&ga_sid=1615001975&ga_hid=2087062943&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44735931%2C44736377%2C44737562%2C21068084&oid=3&pvsid=2407775725517575&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QFd3o2apB3&p=https%3A//kevan.org&dtd=119
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kevan.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://kevan.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 06 Mar 2021 03:39:34 GMT
server
cafe
content-length
20910
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 06-Mar-2021 03:54:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 06 Mar 2021 03:39:34 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5716051263111352&plah=kevan.org&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kevan.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 03:39:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774803212306"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Sat, 06 Mar 2021 03:39:34 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame E685 		54 B
596 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5716051263111352&output=html&adk=1812271804&adf=3025194257&lmt=1615001974&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkevan.org%2Fjohari%3Fname%3Dayaan1&ea=0&flash=0&pra=7&wgl=1&dt=1615001974408&bpp=3&bdt=202&idt=114&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=5783974773405&frm=20&pv=1&ga_vid=1504261992.1615001975&ga_sid=1615001975&ga_hid=2087062943&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44735931%2C44736377%2C44737562%2C21068084&oid=3&pvsid=2407775725517575&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=119
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5716051263111352&plah=kevan.org&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5716051263111352&output=html&adk=1812271804&adf=3025194257&lmt=1615001974&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkevan.org%2Fjohari%3Fname%3Dayaan1&ea=0&flash=0&pra=7&wgl=1&dt=1615001974408&bpp=3&bdt=202&idt=114&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=5783974773405&frm=20&pv=1&ga_vid=1504261992.1615001975&ga_sid=1615001975&ga_hid=2087062943&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44735931%2C44736377%2C44737562%2C21068084&oid=3&pvsid=2407775725517575&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=119
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kevan.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://kevan.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 06 Mar 2021 03:39:34 GMT
server
cafe
content-length
34
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 06-Mar-2021 03:54:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 06 Mar 2021 03:39:34 GMT
cache-control
private
css
fonts.googleapis.com/ Frame 33B8 		3 KB
674 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5716051263111352&output=html&h=280&slotname=8849476337&adk=1877834308&adf=854766408&pi=t.ma~as.8849476337&w=1200&fwrn=4&fwrnh=100&lmt=1615001974&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkevan.org%2Fjohari%3Fname%3Dayaan1&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615001974393&bpp=15&bdt=188&idt=101&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5783974773405&frm=20&pv=2&ga_vid=1504261992.1615001975&ga_sid=1615001975&ga_hid=2087062943&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44735931%2C44736377%2C44737562%2C21068084&oid=3&pvsid=2407775725517575&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QFd3o2apB3&p=https%3A//kevan.org&dtd=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 06 Mar 2021 03:26:59 GMT
server
ESF
date
Sat, 06 Mar 2021 03:39:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Mar 2021 03:39:34 GMT
spam_signals_bundle_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/elements/html/spam_signals/ Frame 33B8 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/elements/html/spam_signals/spam_signals_bundle_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5716051263111352&output=html&h=280&slotname=8849476337&adk=1877834308&adf=854766408&pi=t.ma~as.8849476337&w=1200&fwrn=4&fwrnh=100&lmt=1615001974&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkevan.org%2Fjohari%3Fname%3Dayaan1&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615001974393&bpp=15&bdt=188&idt=101&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5783974773405&frm=20&pv=2&ga_vid=1504261992.1615001975&ga_sid=1615001975&ga_hid=2087062943&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44735931%2C44736377%2C44737562%2C21068084&oid=3&pvsid=2407775725517575&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QFd3o2apB3&p=https%3A//kevan.org&dtd=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7cb0567c7f8816067f80508b906ccdad89e9e76e05573464926eec5a5276d84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 21:44:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21290
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2773
x-xss-protection
0
server
cafe
etag
3338119961263385223
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 21:44:44 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 33B8 		2 KB
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5716051263111352&output=html&h=280&slotname=8849476337&adk=1877834308&adf=854766408&pi=t.ma~as.8849476337&w=1200&fwrn=4&fwrnh=100&lmt=1615001974&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkevan.org%2Fjohari%3Fname%3Dayaan1&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615001974393&bpp=15&bdt=188&idt=101&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5783974773405&frm=20&pv=2&ga_vid=1504261992.1615001975&ga_sid=1615001975&ga_hid=2087062943&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44735931%2C44736377%2C44737562%2C21068084&oid=3&pvsid=2407775725517575&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QFd3o2apB3&p=https%3A//kevan.org&dtd=119
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 03:02:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
896
x-xss-protection
0
server
cafe
etag
948078048762640732
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Mar 2021 03:02:48 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame 33B8 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5716051263111352&output=html&h=280&slotname=8849476337&adk=1877834308&adf=854766408&pi=t.ma~as.8849476337&w=1200&fwrn=4&fwrnh=100&lmt=1615001974&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkevan.org%2Fjohari%3Fname%3Dayaan1&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615001974393&bpp=15&bdt=188&idt=101&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5783974773405&frm=20&pv=2&ga_vid=1504261992.1615001975&ga_sid=1615001975&ga_hid=2087062943&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44735931%2C44736377%2C44737562%2C21068084&oid=3&pvsid=2407775725517575&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QFd3o2apB3&p=https%3A//kevan.org&dtd=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 03:23:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
961
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
2412555088240638002
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Mar 2021 03:23:33 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 33B8 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5716051263111352&output=html&h=280&slotname=8849476337&adk=1877834308&adf=854766408&pi=t.ma~as.8849476337&w=1200&fwrn=4&fwrnh=100&lmt=1615001974&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkevan.org%2Fjohari%3Fname%3Dayaan1&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615001974393&bpp=15&bdt=188&idt=101&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5783974773405&frm=20&pv=2&ga_vid=1504261992.1615001975&ga_sid=1615001975&ga_hid=2087062943&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44735931%2C44736377%2C44737562%2C21068084&oid=3&pvsid=2407775725517575&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QFd3o2apB3&p=https%3A//kevan.org&dtd=119
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 02:46:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Mar 2021 02:46:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 33B8 		110 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5716051263111352&output=html&h=280&slotname=8849476337&adk=1877834308&adf=854766408&pi=t.ma~as.8849476337&w=1200&fwrn=4&fwrnh=100&lmt=1615001974&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkevan.org%2Fjohari%3Fname%3Dayaan1&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615001974393&bpp=15&bdt=188&idt=101&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5783974773405&frm=20&pv=2&ga_vid=1504261992.1615001975&ga_sid=1615001975&ga_hid=2087062943&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44735931%2C44736377%2C44737562%2C21068084&oid=3&pvsid=2407775725517575&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QFd3o2apB3&p=https%3A//kevan.org&dtd=119
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 03:39:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Sat, 06 Mar 2021 03:39:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 33B8 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5716051263111352&output=html&h=280&slotname=8849476337&adk=1877834308&adf=854766408&pi=t.ma~as.8849476337&w=1200&fwrn=4&fwrnh=100&lmt=1615001974&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkevan.org%2Fjohari%3Fname%3Dayaan1&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615001974393&bpp=15&bdt=188&idt=101&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5783974773405&frm=20&pv=2&ga_vid=1504261992.1615001975&ga_sid=1615001975&ga_hid=2087062943&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44735931%2C44736377%2C44737562%2C21068084&oid=3&pvsid=2407775725517575&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QFd3o2apB3&p=https%3A//kevan.org&dtd=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 02:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5938
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6140
x-xss-protection
0
server
cafe
etag
17031075750977984330
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Mar 2021 02:00:36 GMT
1e8eaeef6431cb6de349a68674062a29.js
www.gstatic.com/mysidia/ Frame 33B8 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5716051263111352&output=html&h=280&slotname=8849476337&adk=1877834308&adf=854766408&pi=t.ma~as.8849476337&w=1200&fwrn=4&fwrnh=100&lmt=1615001974&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkevan.org%2Fjohari%3Fname%3Dayaan1&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615001974393&bpp=15&bdt=188&idt=101&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5783974773405&frm=20&pv=2&ga_vid=1504261992.1615001975&ga_sid=1615001975&ga_hid=2087062943&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44735931%2C44736377%2C44737562%2C21068084&oid=3&pvsid=2407775725517575&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QFd3o2apB3&p=https%3A//kevan.org&dtd=119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 14:30:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Mar 2021 07:11:17 GMT
server
sffe
age
47368
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10971
x-xss-protection
0
expires
Thu, 03 Jun 2021 14:30:06 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 33B8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C-K7RdvlCYMOOIoaYrASR7ZyoBN_zpbhh2sifs7kNs-bp8fseEAEgltT_AWCViriCyAegAZKZq_wCyAEBqAMByAPLBKoEqQFP0J2VBkgD8xGtARDLkfEAPHkgWkHOMdeIzq8kBF3ONnc2sPmgMmllHxNN26g5N-7uIRVXDpKCwMej6UtZ4ho1x3me8saRRM-_JFukDvFfADKnQb95KSvinfSQ_rOmv2b1UvdAS8hOvrE9wvzPYUKCZQeYmR9H7G9U5-dDWGeqzn7GgPulmp2SddF5dneYWRH0OglKXd6go0ujJiO10E4kvVqdq5v9iMjDwATv1PyIxAOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAH1ubUgwGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwUQxb-3FNIICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi01NzE2MDUxMjYzMTExMzUy&sigh=uYP13-PirIw&tpd=AGWhJmvHdjSVXzpd7ZZoe66j2Fs77plGtrPmpFuLfpobwDH8xQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5716051263111352&output=html&h=280&slotname=8849476337&adk=1877834308&adf=854766408&pi=t.ma~as.8849476337&w=1200&fwrn=4&fwrnh=100&lmt=1615001974&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkevan.org%2Fjohari%3Fname%3Dayaan1&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615001974393&bpp=15&bdt=188&idt=101&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5783974773405&frm=20&pv=2&ga_vid=1504261992.1615001975&ga_sid=1615001975&ga_hid=2087062943&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44735931%2C44736377%2C44737562%2C21068084&oid=3&pvsid=2407775725517575&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QFd3o2apB3&p=https%3A//kevan.org&dtd=119
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5716051263111352&output=html&h=280&slotname=8849476337&adk=1877834308&adf=854766408&pi=t.ma~as.8849476337&w=1200&fwrn=4&fwrnh=100&lmt=1615001974&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkevan.org%2Fjohari%3Fname%3Dayaan1&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615001974393&bpp=15&bdt=188&idt=101&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5783974773405&frm=20&pv=2&ga_vid=1504261992.1615001975&ga_sid=1615001975&ga_hid=2087062943&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44735931%2C44736377%2C44737562%2C21068084&oid=3&pvsid=2407775725517575&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QFd3o2apB3&p=https%3A//kevan.org&dtd=119
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 06 Mar 2021 03:39:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 06 Mar 2021 03:39:34 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 19DC 		143 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5716051263111352&output=html&h=280&slotname=8849476337&adk=1877834308&adf=854766408&pi=t.ma~as.8849476337&w=1200&fwrn=4&fwrnh=100&lmt=1615001974&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkevan.org%2Fjohari%3Fname%3Dayaan1&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615001974393&bpp=15&bdt=188&idt=101&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5783974773405&frm=20&pv=2&ga_vid=1504261992.1615001975&ga_sid=1615001975&ga_hid=2087062943&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44735931%2C44736377%2C44737562%2C21068084&oid=3&pvsid=2407775725517575&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QFd3o2apB3&p=https%3A//kevan.org&dtd=119
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5716051263111352&output=html&h=280&slotname=8849476337&adk=1877834308&adf=854766408&pi=t.ma~as.8849476337&w=1200&fwrn=4&fwrnh=100&lmt=1615001974&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkevan.org%2Fjohari%3Fname%3Dayaan1&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615001974393&bpp=15&bdt=188&idt=101&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5783974773405&frm=20&pv=2&ga_vid=1504261992.1615001975&ga_sid=1615001975&ga_hid=2087062943&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44735931%2C44736377%2C44737562%2C21068084&oid=3&pvsid=2407775725517575&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QFd3o2apB3&p=https%3A//kevan.org&dtd=119
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5716051263111352&output=html&h=280&slotname=8849476337&adk=1877834308&adf=854766408&pi=t.ma~as.8849476337&w=1200&fwrn=4&fwrnh=100&lmt=1615001974&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkevan.org%2Fjohari%3Fname%3Dayaan1&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615001974393&bpp=15&bdt=188&idt=101&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5783974773405&frm=20&pv=2&ga_vid=1504261992.1615001975&ga_sid=1615001975&ga_hid=2087062943&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44735931%2C44736377%2C44737562%2C21068084&oid=3&pvsid=2407775725517575&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QFd3o2apB3&p=https%3A//kevan.org&dtd=119

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 06 Mar 2021 03:34:33 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
301
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 33B8 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49f70cc95c8e5f4bc1e40e58cc0605bea961d88888ebb3a186acf15929cb5b11

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 33B8 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 01:58:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
178874
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Fri, 04 Mar 2022 01:58:20 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 33B8 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 16:18:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
213661
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
expires
Thu, 03 Mar 2022 16:18:33 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 19DC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
110 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5716051263111352&output=html&h=280&slotname=8849476337&adk=1877834308&adf=854766408&pi=t.ma~as.8849476337&w=1200&fwrn=4&fwrnh=100&lmt=1615001974&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkevan.org%2Fjohari%3Fname%3Dayaan1&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615001974393&bpp=15&bdt=188&idt=101&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5783974773405&frm=20&pv=2&ga_vid=1504261992.1615001975&ga_sid=1615001975&ga_hid=2087062943&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44735931%2C44736377%2C44737562%2C21068084&oid=3&pvsid=2407775725517575&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QFd3o2apB3&p=https%3A//kevan.org&dtd=119
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl4U4vEdoDWgyo5XCYFXDzcnexqrw_2bCWnfbAW4OOvfeyBsAKk_ke83DS4fSw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 06 Mar 2021 03:39:34 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 06-Mar-2021 04:39:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 06 Mar 2021 03:39:34 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 06 Mar 2021 03:39:34 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210303&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5716051263111352&plah=kevan.org&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
756b521c51b5f64a313943f1f4128b3f3cda631e2e59d156908e5dd6be9e6b0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kevan.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 06 Mar 2021 03:39:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6484
x-xss-protection
0
Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
pagead2.googlesyndication.com/bg/ Frame 4C5F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5716051263111352&output=html&h=280&slotname=8849476337&adk=1877834308&adf=854766408&pi=t.ma~as.8849476337&w=1200&fwrn=4&fwrnh=100&lmt=1615001974&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkevan.org%2Fjohari%3Fname%3Dayaan1&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615001974393&bpp=15&bdt=188&idt=101&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5783974773405&frm=20&pv=2&ga_vid=1504261992.1615001975&ga_sid=1615001975&ga_hid=2087062943&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44735931%2C44736377%2C44737562%2C21068084&oid=3&pvsid=2407775725517575&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QFd3o2apB3&p=https%3A//kevan.org&dtd=119
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 14:48:24 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
219071
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Thu, 03 Mar 2022 14:48:24 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5716051263111352&plah=kevan.org&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kevan.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 03:39:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Sat, 06 Mar 2021 03:39:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame B2DA 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kevan.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://kevan.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Fri, 05 Mar 2021 20:51:37 GMT
expires
Sat, 05 Mar 2022 20:51:37 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
24478
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
pagead2.googlesyndication.com/bg/ Frame B2DA 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 14:48:24 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
219071
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Thu, 03 Mar 2022 14:48:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210303&jk=2407775725517575&bg=!q6ilqOvNAAWsVXnBrDsAKQB2-Dxat6mec7KllqU2kkqAQkJ1OXSso7V94l5yo__Cyq66Wp9_pNqoAgAAAFpSAAAADGgBBwoBGESoVGEF2-LuFPiYs5hOzU2AO7naumxwDI_Nt4O1cR841XejT4e0x-yTrvsTqzNQi8kjBh35KCdYNGT6sgsx2Z5rMKYn8IS24H1aId4zJ9_xGz_rM45NdT4uOE4lSTOVPB3iWb7Tmmng1U5noxbjDIQqPstGNHI6HKH4cBQf5g2Kc57bLb1EztQWNTpyqIsq6eSWxs23c0OttlsL5_RUPistUe5bvf2x5_28MxN4Wi2-XVUO5VyqkedzwPTmxm5xgzioBKkKiCZdp2AnYWXxIG-eKYF8ClKIrh0IsrgI4zb47Z_C4sp8c6fYfSqEhWm-1mgSoNnTKE0bYfsPxKET0z_l5qn-Eq8zRiSuwQAyQi-W6ZexWo_WVGmZAhDwej8voq4gOK7zj9jCVlmRuGymwjjhWjiNg8c8qJv_HTfKfYB8R7rXfELK4VpkbFiqrSjUO5JUlLUXLzZH48vlhWzejy1pyw2c0LyL6aC4kT2e0OTxtB7qnj6CpgzpUpzEV_Ht4wDSzxqBHoBwrYyRy0hMFSxATP5fupG6t2vqSGN0rAAt9fOW9prdmra3Y5P9pmva3-m-F92XYCc4YiPOK5hmOMsLMjZOlWtiZ7lT61a3lzX3vamG3-w7Utv0whHRtr4e5GWZ033kpRx4wVdaOBbJqOhVan5yO4ih8O__uZX9Y1rVysKv6kJ2vsM2oh0AjU2bKmjpRu6s-21x5mruqgLiSq_1s7im4ydM22LxUmMxMsQsQQqjlidmIOQD4WcDHcVEAZ_sKjKM90cuEi49x3y74ss7jJJXgmc56jlzBVne_tusWKdZlRIzjKPsTF1_UAU01ECF6sDWKmiBhB4o7bPQvgsEvmnZL9dhsomAENWYK79DReAw0e_315HlabXNli8rDVve3uTeamtsHW5tWDJ1tBG24UB8uF5Azg_uwY2YGVnQnuMBx3aEkxiWXnEQIWVHN-a0UjuBLv3Qa4hGnTatvUhpnJgjIRi2c_UgcE2-OmMC0faSSzBdWiQXMnfLeJKvZ03sbSO243ZUMReHqQq0E7MeZk_oIhzvQ4_6m-IoyDcGDKmAY1Y2kwfHpp4
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kevan.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 03:39:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 33B8 		42 B
155 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBdTDswjvJBHQMy_0wLpv8HJ0flzH6uhJ-35XaezezCwZ-JjsKRfLPkJcbL-sq4vWfUkdrNnSoonSKqbS2az2LQRQdhFMXO1rPowjIDW7S6afPm7prugc9HeMRsg&sai=AMfl-YQeG3el1JOsDI0ij9YX3voQJYv0K8WZMs5XYsuaER93q2tnr7OloqPhj5leg4QJHwKd0VIRL57bjt4J&sig=Cg0ArKJSzAtW0W8ECfoXEAE&id=osdim&mcvt=1002&p=8,200,288,1400&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210303&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1877834308&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1615001974517&dlt=310&rpt=70&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 03:39:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| validate function| boxclick object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUl4U4vEdoDWgyo5XCYFXDzcnexqrw_2bCWnfbAW4OOvfeyBsAKk_ke83DS4fSw
.kevan.org/ Name: __gads
Value: ID=850f8ccb7765aa9b-22565435faa60064:T=1615001974:RT=1615001974:S=ALNI_Maqchf7A0Ygg6VMVTXo5upGQwCoNw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
kevan.org
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.185.226
2a00:1450:4001:800::2002
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2002
94.76.250.83
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
49f70cc95c8e5f4bc1e40e58cc0605bea961d88888ebb3a186acf15929cb5b11
4b9b5737c8859fa4566da81b0d34c3084f0d83ee7dc2ac8afab3c4ed45685d9a
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
736b83ccda4d019253a77daf5d89bf8d7144a5c15851c6d822bbfedd95f1f125
756b521c51b5f64a313943f1f4128b3f3cda631e2e59d156908e5dd6be9e6b0d
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a74a1e2dc1a55957c99768a0693eb92020046baab1a5ade0130cd493b4f84b73
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
cdee483c254a440b0c43dd9ee1aad2ae002803ce67b7a7cf9c27e380ef494cf1
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77
e7cb0567c7f8816067f80508b906ccdad89e9e76e05573464926eec5a5276d84
ea4787767476c90e251209fa89605cd7baaa00685c51e93cf37c5fc3ea4bfbb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7