app.real.discount Open in urlscan Pro
67.205.1.188 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ift.tt/3wWHwoF
Effective URL:
https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
Submission: On April 19 via manual (April 19th 2021, 6:54:42 pm UTC) from IN

Summary HTTP 117 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 28 IPs in 7 countries across 27 domains to perform 117 HTTP transactions. The main IP is 67.205.1.188, located in United States and belongs to DREAMHOST-AS, US. The main domain is app.real.discount.
TLS certificate: Issued by R3 on April 1st 2021. Valid for: 3 months.

This is the only time app.real.discount was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.13 67.199.248.13	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
13	67.205.1.188 67.205.1.188	26347 (DREAMHOST-AS) (DREAMHOST-AS)
7	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	152.199.21.236 152.199.21.236	15133 (EDGECAST) (EDGECAST)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0d::9a	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2 2	63.33.127.66 63.33.127.66	16509 (AMAZON-02) (AMAZON-02)
19	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 1	18.196.98.222 18.196.98.222	16509 (AMAZON-02) (AMAZON-02)
5 5	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
6 6	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	104.108.145.8 104.108.145.8	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3	16509 (AMAZON-02) (AMAZON-02)
1 1	217.182.200.20 217.182.200.20	16276 (OVH) (OVH)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	52.41.116.81 52.41.116.81	16509 (AMAZON-02) (AMAZON-02)
117	28

1 67.199.248.13 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)

ift.tt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 67.205.1.188 (United States)

ASN26347 (DREAMHOST-AS, US)
PTR: ps569021.dreamhostps.com

app.real.discount	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.real.discount	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.21.236 (United States)

ASN15133 (EDGECAST, US)

img-a.udemycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.33.127.66 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.98.222 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.227.252.103 (Kansas City, United States) 5 redirects

ASN15169 (GOOGLE, US)

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.190.78 (United Kingdom) 6 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.108.145.8 (Berlin, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.182.200.20 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm6.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.41.116.81 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	88 KB
30	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	233 KB
13	real.discount app.real.discount www.real.discount	297 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	147 KB
8	google.com 2 redirects analytics.google.com adservice.google.com www.google.com	687 B
6	pubmatic.com 6 redirects image6.pubmatic.com	5 KB
5	openx.net 5 redirects rtb.openx.net	2 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com	4 KB
4	googletagservices.com www.googletagservices.com	135 KB
4	google.de www.google.de adservice.google.de	457 B
3	quantserve.com cms.quantserve.com	1 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	googletagmanager.com www.googletagmanager.com	126 KB
2	addthis.com 2 redirects e.dlx.addthis.com	2 KB
2	rlcdn.com 2 redirects id.rlcdn.com	889 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com	918 B
2	everesttech.net 2 redirects pixel.everesttech.net	750 B
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	304 B
1	innovid.com ag.innovid.com	296 B
1	mookie1.com odr.mookie1.com	324 B
1	agkn.com 1 redirects d.agkn.com	761 B
1	googleadservices.com partner.googleadservices.com	642 B
1	cloudflare.com cdnjs.cloudflare.com	58 KB
1	jquery.com code.jquery.com	30 KB
1	udemycdn.com img-a.udemycdn.com	46 KB
1	ift.tt 1 redirects ift.tt	288 B
117	27

	Domain	Requested by
19	cm.g.doubleclick.net	app.real.discount googleads.g.doubleclick.net
17	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	pagead2.googlesyndication.com	app.real.discount pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net app.real.discount
11	app.real.discount	app.real.discount
6	image6.pubmatic.com	6 redirects
6	fonts.gstatic.com	fonts.googleapis.com
5	rtb.openx.net	5 redirects
5	www.google.com	2 redirects app.real.discount googleads.g.doubleclick.net
4	ssum-sec.casalemedia.com	4 redirects
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	cms.quantserve.com	googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	app.real.discount www.googletagmanager.com
2	e.dlx.addthis.com	2 redirects
2	id.rlcdn.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	pixel.everesttech.net	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google.de	app.real.discount
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.real.discount	app.real.discount
1	googlecm.hit.gemius.pl	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	analytics.google.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	app.real.discount
1	code.jquery.com	app.real.discount
1	img-a.udemycdn.com	app.real.discount
1	ift.tt	1 redirects
117	35

This site contains links to these domains. Also see Links.

Domain
www.real.discount
www.facebook.com
twitter.com
discord.gg
t.me
www.linkedin.com
www.reddit.com
www.udemy.com

Subject Issuer	Validity	Valid
www.app.real.discount R3	`2021-04-01` - `2021-06-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.real.discount R3	`2021-03-24` - `2021-06-22`	3 months	crt.sh
*.udemycdn.com DigiCert SHA2 Secure Server CA	`2019-11-14` - `2021-11-18`	2 years	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh

This page contains 15 frames:

Primary Page: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
Frame ID: 2AE017381FE3B170ADE82F1EC0DEEE0A
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210415/r20190131/zrt_lookup.html
Frame ID: 71BD068ADED95A69A23A1BA92C452F95
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&adk=1812271804&adf=3025194257&lmt=1618858465&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465084&bpp=21&bdt=68&idt=99&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8621627863973&frm=20&pv=2&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&dtd=111
Frame ID: 4F4B770A31508E12F6D49DE5616B6584
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=2722570078&adf=2045022346&pi=t.ma~as.2787297283&w=856&fwrn=4&fwrnh=100&lmt=1618858465&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465571&bpp=34&bdt=555&idt=35&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df85be8207b13ac3f-22cf10a19aa7008a%3AT%3D1618858465%3ART%3D1618858465%3AS%3DALNI_ManJgMKSX9PHqAmue4vkO3mQEgLtQ&prev_fmts=0x0&nras=1&correlator=8621627863973&frm=20&pv=1&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=45&ady=1032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dOTFOZVdRE&p=https%3A//app.real.discount&dtd=41
Frame ID: AB63AA400110E1667E52A1BF03EE55BC
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=5010801252&adk=3025925753&adf=1566376281&pi=t.ma~as.5010801252&w=624&fwrn=4&fwrnh=100&lmt=1618858465&rafmt=1&psa=0&format=624x280&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465618&bpp=3&bdt=601&idt=3&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df85be8207b13ac3f-22cf10a19aa7008a%3AT%3D1618858465%3ART%3D1618858465%3AS%3DALNI_ManJgMKSX9PHqAmue4vkO3mQEgLtQ&prev_fmts=0x0%2C856x280&nras=1&correlator=8621627863973&frm=20&pv=1&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=946&ady=236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=1Bor6sHWXe&p=https%3A//app.real.discount&dtd=5
Frame ID: 418C51E5BEB09C23FCAAD9E0A7ED837F
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=9496841175&adk=2601035841&adf=4123248157&pi=t.ma~as.9496841175&w=547&fwrn=4&fwrnh=100&lmt=1618858465&rafmt=1&psa=0&format=547x280&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465650&bpp=14&bdt=634&idt=14&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df85be8207b13ac3f-22cf10a19aa7008a%3AT%3D1618858465%3ART%3D1618858465%3AS%3DALNI_ManJgMKSX9PHqAmue4vkO3mQEgLtQ&prev_fmts=0x0%2C856x280%2C624x280&nras=1&correlator=8621627863973&frm=20&pv=1&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1023&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Ulm73dCCYM&p=https%3A//app.real.discount&dtd=16
Frame ID: 5AF00CF27BCB6618F402C974FED69953
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: BCB2E4FF51D759A27FCA56685976D97A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FCD677D89FCA0BFFD3D18BDCD3C854D7
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F50C90E3C1CCAB76DAA9FF8C94BD354A
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C8A4E4B4DD53EB1B64A509D749433EAA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C2438579480534E697685CE76BAD9930
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
Frame ID: 3A8F1F5066F427D0671649D762BA07AF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
Frame ID: E95FD43CC1F00ECC2E416B6404CFFBEB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
Frame ID: F3DE34937C3E0FFE057D61A4048C838F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 05FF25C64D4683D39D79236C6418026B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://ift.tt/3wWHwoF HTTP 301
https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552 Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

117
Requests

100 %
HTTPS

59 %
IPv6

27
Domains

35
Subdomains

28
IPs

7
Countries

1186 kB
Transfer

3123 kB
Size

2
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.real.discount/contact/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.real.discount/2020/07/19/promote-your-courses/
Title: Promote Your Courses

Search URL Search Domain Scan URL

URL: https://www.facebook.com/discount.real

Search URL Search Domain Scan URL

URL: https://twitter.com/RealDiscount1

Search URL Search Domain Scan URL

URL: https://discord.gg/wMWPU2e

Search URL Search Domain Scan URL

URL: https://t.me/real_discount

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/real-discount

Search URL Search Domain Scan URL

URL: https://www.reddit.com/user/saadmerie/

Search URL Search Domain Scan URL

URL: https://www.udemy.com/course/advance-bug-bounty-hunting-penetration-testing-course-2021-t/?couponCode=DECRYPT3R
Title: Get Coupon

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ift.tt/3wWHwoF HTTP 301
https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUJJhveSMlj1TEbPeYNH17iHlYfcbYcTJqNm_F0SYAuQJ_DHBTGbWe8oGq2dlbidMbN85Q-C6BJ68AWfjdEYPf7ABRyz_Aw&google_gid=CAESEAFwbguRjXinoMvnZPBJfAM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUgzUjRnQUFCQkZxLVdSTw&google_push=AQvitUJJhveSMlj1TEbPeYNH17iHlYfcbYcTJqNm_F0SYAuQJ_DHBTGbWe8oGq2dlbidMbN85Q-C6BJ68AWfjdEYPf7ABRyz_Aw

Request Chain 85

https://d.agkn.com/pixel/2175/?google_gid=CAESECzXGr5Okt4GVqX1Elu6kbs&google_cver=1&google_push=AQvitUKTWN22WE3MBvqkHRPuvOf8PDUnJIWg9QflK-zZM4MzG4uY8u0Oh3SWUhuIcARcau_Kqt8RCviyQdDoo34y2kaNByOMfB1x HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUKTWN22WE3MBvqkHRPuvOf8PDUnJIWg9QflK-zZM4MzG4uY8u0Oh3SWUhuIcARcau_Kqt8RCviyQdDoo34y2kaNByOMfB1x&google_hm=Q0FFU0VDelhHcjVPa3Q0R1ZxWDFFbHU2a2Jz

Request Chain 86

https://rtb.openx.net/sync/dds?google_gid=CAESEFMBlfrylbbMOf0mdgXKxYE&google_cver=1&google_push=AQvitULkE-4HHQ41wC1mkR7kgJWaIaSrJxgAy6-WI63vgJvBjbMK_KxbfGHi36AVtj_qYoR3pQakA_QkA9tRfICNcy_fjtHa9L3T HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEFMBlfrylbbMOf0mdgXKxYE&google_cver=1&google_push=AQvitULkE-4HHQ41wC1mkR7kgJWaIaSrJxgAy6-WI63vgJvBjbMK_KxbfGHi36AVtj_qYoR3pQakA_QkA9tRfICNcy_fjtHa9L3T&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULkE-4HHQ41wC1mkR7kgJWaIaSrJxgAy6-WI63vgJvBjbMK_KxbfGHi36AVtj_qYoR3pQakA_QkA9tRfICNcy_fjtHa9L3T&google_hm=Zd0cKfrYwqwzLix8Inpamw==

Request Chain 87

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFzG8bA-P2niCA_PIax-gLM&google_cver=1&google_push=AQvitUKEsH0RICa3J6QTlsJGCppRzO-JgZfBUjOb2RBP6a9v7IsnVgZPTiXi6r8wPsQy_kKSleTKpef7lgINknyMQKviW_DbkaM HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFzG8bA-P2niCA_PIax-gLM&google_cver=1&google_push=AQvitUKEsH0RICa3J6QTlsJGCppRzO-JgZfBUjOb2RBP6a9v7IsnVgZPTiXi6r8wPsQy_kKSleTKpef7lgINknyMQKviW_DbkaM&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mkCa8fCUQTKnrX31CVjQtg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKEsH0RICa3J6QTlsJGCppRzO-JgZfBUjOb2RBP6a9v7IsnVgZPTiXi6r8wPsQy_kKSleTKpef7lgINknyMQKviW_DbkaM

Request Chain 88

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHP7JpvIaIubwK2FrPJwYpo&google_cver=1&google_push=AQvitUJoWiFl3wFwQWhkTOIx4VQg2lYUiE6xLwO_YppsMPd40peYQ-mkk-87t7acd4kRcgGt_K-cy_F5sy6nOJ8AtzrYhCkse0Rq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05PWUo3QkYtMy1BWjJI&google_push=AQvitUJoWiFl3wFwQWhkTOIx4VQg2lYUiE6xLwO_YppsMPd40peYQ-mkk-87t7acd4kRcgGt_K-cy_F5sy6nOJ8AtzrYhCkse0Rq

Request Chain 89

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAAliyzorCSbtCt0wBrvaDE&google_cver=1&google_push=AQvitUIIBF0tWe7p_uTTY-IPL_ox3i3NwhsgwAcG9sG1HfSeeRlPR1-eIxNM3eTn5XEc4FjtQQCTm-vVPVCHyuH6UpFDrXMXC5bu HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAAliyzorCSbtCt0wBrvaDE&google_cver=1&google_push=AQvitUIIBF0tWe7p_uTTY-IPL_ox3i3NwhsgwAcG9sG1HfSeeRlPR1-eIxNM3eTn5XEc4FjtQQCTm-vVPVCHyuH6UpFDrXMXC5bu&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH3R4itEIB3o6Uad8HMcSwAABKUAAAAB&google_cver=1&google_push=AQvitUIIBF0tWe7p_uTTY-IPL_ox3i3NwhsgwAcG9sG1HfSeeRlPR1-eIxNM3eTn5XEc4FjtQQCTm-vVPVCHyuH6UpFDrXMXC5bu&google_gid=CAESEAAliyzorCSbtCt0wBrvaDE

Request Chain 93

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitULho-DX04xZiSLUquP3AjO8-L5PZ6sYv0z3QnbupOenp_KtuArA-koNUwi9vFiBLzxox7kIFo_pEu3v1rv355_AmmuxcVc&google_gid=CAESEN_xl3CI1JjLgdbNnnAzFxk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUgzUjRnQUFBRHUxeFVuUQ&google_push=AQvitULho-DX04xZiSLUquP3AjO8-L5PZ6sYv0z3QnbupOenp_KtuArA-koNUwi9vFiBLzxox7kIFo_pEu3v1rv355_AmmuxcVc

Request Chain 95

https://rtb.openx.net/sync/dds?google_gid=CAESEPUkxMPDlZypkivGGgQ48Ac&google_cver=1&google_push=AQvitUIypBiSloC4BeMcUZcPSKG_pG2d-Xq-leRnqi2RjOYHePVH7cyzToqmHlNLgjiMN8dvXsGWlYbpVaUmufFO-8Yvd7sxapo HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEPUkxMPDlZypkivGGgQ48Ac&google_cver=1&google_push=AQvitUIypBiSloC4BeMcUZcPSKG_pG2d-Xq-leRnqi2RjOYHePVH7cyzToqmHlNLgjiMN8dvXsGWlYbpVaUmufFO-8Yvd7sxapo&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIypBiSloC4BeMcUZcPSKG_pG2d-Xq-leRnqi2RjOYHePVH7cyzToqmHlNLgjiMN8dvXsGWlYbpVaUmufFO-8Yvd7sxapo&google_hm=Zd0cKfrYwqwzLix8Inpamw==

Request Chain 96

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEABtzpVrTnP3lLjQ-sgOWHc&google_cver=1&google_push=AQvitUKvTMV8nxh6w8ACB_-hlN1ITeIDhW8j0C4XUhzTr53IuyNjupxUyYX9ch0Zhmc1JuO9EDobOGcOzSKIwl8AUdx7YUhP6wk HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEABtzpVrTnP3lLjQ-sgOWHc&google_cver=1&google_push=AQvitUKvTMV8nxh6w8ACB_-hlN1ITeIDhW8j0C4XUhzTr53IuyNjupxUyYX9ch0Zhmc1JuO9EDobOGcOzSKIwl8AUdx7YUhP6wk&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_KX3VjBkTx6Y4GnoWGob-w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKvTMV8nxh6w8ACB_-hlN1ITeIDhW8j0C4XUhzTr53IuyNjupxUyYX9ch0Zhmc1JuO9EDobOGcOzSKIwl8AUdx7YUhP6wk

Request Chain 98

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJ-CZxK9LlFZ7LNvnalvfhk&google_cver=1&google_push=AQvitUIq9g6y0164skBTbstnbkY3qzJdjREYKiN-jf75lyaXnFBJ9lyC4icKCJ_4JquSBpUuFd-LOaFVgSEKMlHdDh_BrsSXwB-8 HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIq9g6y0164skBTbstnbkY3qzJdjREYKiN-jf75lyaXnFBJ9lyC4icKCJ_4JquSBpUuFd-LOaFVgSEKMlHdDh_BrsSXwB-8&google_hm=

Request Chain 100

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 103

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUKouBE7M6eYhMVGW8wb9iwPrB-pd_7mwV64UGHQXqrYIoQEMaADn_EA9mxIbTlgdHZ-4lcWfMoOEunEYRKL42gz2lo9Rrqq&google_gid=CAESEN_a1Je9rPzmgJfIfGXJU-M&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOKj94MGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVLb3VCRTdNNmVZaE1WR1c4d2I5aXdQckItcGRfN213VjY0VUdIUVhxcllJb1FFTWFBRG5fRUE5bXhJYlRsZ2RIWi00bGNXZk1vT0V1bkVZUktMNDJnejJsbzlScnFx HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdVpUelZ5X05Nblk4TjFpOUp5RTUzN0RCMXhQN0hwUEEtSnZpcGZkMG9Baw==&google_push

Request Chain 104

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUL6-FoqEZWQZW54Hy_C9P7WlKzatD1zZ_44MjIm1EJTWa-Ogxxw9lhjV8LXL1mjhD3TAcbUc3gGI-mVqGSonRyqJcvHmhNf&google_gid=CAESEKvyzoziwQa2DmCK36Wdtu0&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUL6-FoqEZWQZW54Hy_C9P7WlKzatD1zZ_44MjIm1EJTWa-Ogxxw9lhjV8LXL1mjhD3TAcbUc3gGI-mVqGSonRyqJcvHmhNf&google_gid=CAESEKvyzoziwQa2DmCK36Wdtu0&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTkxODU0Mjc1NjA4ODI3MjUzMTc4Nw%3D%3D&google_push=AQvitUL6-FoqEZWQZW54Hy_C9P7WlKzatD1zZ_44MjIm1EJTWa-Ogxxw9lhjV8LXL1mjhD3TAcbUc3gGI-mVqGSonRyqJcvHmhNf

Request Chain 105

https://rtb.openx.net/sync/dds?google_gid=CAESEKsuaJN9GcgopqCvGC1ROK8&google_cver=1&google_push=AQvitULoHQOpNcVvQxy2d_6CtyzMC1ykJ3IS84XMM-JL77tl7d0b96CM49NTIGQFHGIdTWc35tWJkxk7E8V6LL7ZQs8CmgNQyqNn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULoHQOpNcVvQxy2d_6CtyzMC1ykJ3IS84XMM-JL77tl7d0b96CM49NTIGQFHGIdTWc35tWJkxk7E8V6LL7ZQs8CmgNQyqNn&google_hm=Zd0cKfrYwqwzLix8Inpamw==

Request Chain 106

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBoUHGWOBRFT3fRV5paPg3I&google_cver=1&google_push=AQvitUIFjhnQGvWWtRPFAKBn2xNsgtuOpQV7Zzh-ZK-D6__hynmsuWB8UwCuTXPso-HiRr9ipp1l6FPG2-6iPZGPp7BEDWRKCX38 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBoUHGWOBRFT3fRV5paPg3I&google_cver=1&google_push=AQvitUIFjhnQGvWWtRPFAKBn2xNsgtuOpQV7Zzh-ZK-D6__hynmsuWB8UwCuTXPso-HiRr9ipp1l6FPG2-6iPZGPp7BEDWRKCX38&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j04twkxQT--KhgwigBXhaA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIFjhnQGvWWtRPFAKBn2xNsgtuOpQV7Zzh-ZK-D6__hynmsuWB8UwCuTXPso-HiRr9ipp1l6FPG2-6iPZGPp7BEDWRKCX38

Request Chain 107

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAUWHaMmb4LyvBfMzcGHGpQ&google_cver=1&google_push=AQvitULpaPwAC2suoB5Fc_HBOqdWKsTB_FhNI0FeIbk-iQyq7shSwHtJJC2zEcYXNDwrTrs-iuDjs0Khw0Ii548GH-NO_5kofp_3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05PWUo3QzYtMVAtRlpSNg==&google_push=AQvitULpaPwAC2suoB5Fc_HBOqdWKsTB_FhNI0FeIbk-iQyq7shSwHtJJC2zEcYXNDwrTrs-iuDjs0Khw0Ii548GH-NO_5kofp_3

Request Chain 108

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPfmFQ4tdFBAiQsMkC6V1-M&google_cver=1&google_push=AQvitUJRu9oDIJE3GJ3IETc-ayS9AYu0utqGc7GNjVTtLVxOECd9KLcaab9d_YcsWdv-qb6SZylCFSuweFyCCuAJiAY7tQp1ItE HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPfmFQ4tdFBAiQsMkC6V1-M&google_cver=1&google_push=AQvitUJRu9oDIJE3GJ3IETc-ayS9AYu0utqGc7GNjVTtLVxOECd9KLcaab9d_YcsWdv-qb6SZylCFSuweFyCCuAJiAY7tQp1ItE&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH3R4itEIB3o6Uad8HMcSwAABKUAAAAB&google_gid=CAESEPfmFQ4tdFBAiQsMkC6V1-M&google_cver=1&google_push=AQvitUJRu9oDIJE3GJ3IETc-ayS9AYu0utqGc7GNjVTtLVxOECd9KLcaab9d_YcsWdv-qb6SZylCFSuweFyCCuAJiAY7tQp1ItE

Request Chain 111

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

117 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request advance-bug-bounty-hunting-penetration-testing-course-2021-5552 Show response
app.real.discount/offer/
Redirect Chain

https://ift.tt/3wWHwoF
https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552

33 KB
9 KB

1068ms
677ms

Document
text/html

67.205.1.188
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.1.188 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps569021.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: c39de25b8bf112a3a1f4676bd2f447876b7e1c2e0f68d7d33d79e589c56ee8e0

Request headers

:method: GET
:authority: app.real.discount
:scheme: https
:path: /offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:24 GMT
server: Apache
cache-control: max-age=31536000 max-age=3600
vary: Cookie,Accept-Encoding,User-Agent
x-powered-by: Phusion Passenger 5.0.30
set-cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJjc3JmX3Rva2VuIjoiMGEyNmY2YmVmMWM4NTM5Y2RjNTg0ZmY2ZTNmODgyN2NlNjhhMjVlMyJ9.YH3R4A.DKPpROAry3J33tq_XNqtsG8jkcA; Expires=Mon, 19-Apr-2021 19:54:24 GMT; HttpOnly; Path=/
status: 200 OK
expires: Mon, 19 Apr 2021 19:54:24 GMT
content-encoding: gzip
content-length: 8419
content-type: text/html; charset=utf-8

Redirect headers

cache-control: private, max-age=90
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Mon, 19 Apr 2021 18:54:23 GMT
location: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
referrer-policy: unsafe-url
server: nginx
set-cookie: _bit=l3jiSn-bd47309ecfac4ae3df-00A; Domain=ift.tt; Expires=Sat, 16 Oct 2021 18:54:23 GMT
strict-transport-security: max-age=1209600
content-length: 182

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e314688d91681882a4fbdfd7a3e439ebf145d5aeb755f949aab679df6752e11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48241
x-xss-protection: 0
server: cafe
etag: 7523037415397534617
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Apr 2021 18:54:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 124 KB
48 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E1CQ0K2FL6

Requested by

Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c08555a3cfaea4f49c396c5fb4122e1c1df551d9d73a921375aacaef75264545

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:25 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48601
x-xss-protection: 0
expires: Mon, 19 Apr 2021 18:54:25 GMT

GET
H2 200 argon.min.css
www.real.discount/beta/css/ 349 KB
53 KB 351ms
115ms Stylesheet
text/css 67.205.1.188
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.real.discount/beta/css/argon.min.css
Requested by: Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.1.188 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps569021.dreamhostps.com
Software: Apache /
Resource Hash: bfe4ee85fc4f9857d72e1da24d81f559f6e172cde32d10d8a3b3e1f246db7096

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:25 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 11:30:06 GMT
server: Apache
etag: "57391-5be0a45598b80-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=7776000
accept-ranges: bytes
expires: Sun, 18 Jul 2021 18:54:25 GMT

GET
H2 200 style.css
www.real.discount/beta/css/ 6 KB
2 KB 343ms
108ms Stylesheet
text/css 67.205.1.188
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.real.discount/beta/css/style.css
Requested by: Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.1.188 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps569021.dreamhostps.com
Software: Apache /
Resource Hash: 032f4660b0edf4dbce54e13952e7ecebb37e64559a48e2c3fe70300102e13981

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:25 GMT
content-encoding: gzip
last-modified: Sun, 28 Mar 2021 21:15:44 GMT
server: Apache
etag: "17a2-5be9f44a08000-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 1717
expires: Sun, 18 Jul 2021 18:54:25 GMT

GET
H2 200 Logoblue.png
app.real.discount/img/brand/ 5 KB
5 KB 225ms
224ms Image
image/png 67.205.1.188
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.real.discount/img/brand/Logoblue.png
Requested by: Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.1.188 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps569021.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: 89a4ade39b2dc6e0cd828fd6e7bdcac9b81921f24de732d9bc51e3c7e12533a8

Request headers

:path: /img/brand/Logoblue.png
pragma: no-cache
cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJjc3JmX3Rva2VuIjoiMGEyNmY2YmVmMWM4NTM5Y2RjNTg0ZmY2ZTNmODgyN2NlNjhhMjVlMyJ9.YH3R4A.DKPpROAry3J33tq_XNqtsG8jkcA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: app.real.discount
referer: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:25 GMT
last-modified: Wed, 27 Jan 2021 14:26:24 GMT
server: Apache
x-powered-by: Phusion Passenger 5.0.30
etag: "1611757584.0-4804-1422399804"
vary: Cookie,User-Agent
content-type: image/png
status: 200 OK
cache-control: public, max-age=31536000
set-cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJjc3JmX3Rva2VuIjoiMGEyNmY2YmVmMWM4NTM5Y2RjNTg0ZmY2ZTNmODgyN2NlNjhhMjVlMyJ9.YH3R4Q.GDG4DNnLbAH1NfYrJmT_OygGw0A; Expires=Mon, 19-Apr-2021 19:54:25 GMT; HttpOnly; Path=/
content-length: 4804
expires: Tue, 20 Apr 2021 06:54:25 GMT

GET
H2 200 3978312_02a7.jpg
img-a.udemycdn.com/course/750x422/ 46 KB
46 KB 41ms
13ms Image
image/jpeg 152.199.21.236
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-a.udemycdn.com/course/750x422/3978312_02a7.jpg?3FpzBP0qpdj0f43-bYE8GL2bnCke1ooIpaeQNfrKb7lATF_pjLUP60BRkf-ixnDugyu_28b1xvOKMY8v57L0K2wxHIEZuC8JV4jS24r74xGIJzLF4md4_idhXvLuSg
Requested by: Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.236 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F8C) /
Resource Hash: 09e4063f57598fa47fae52917cb68db2ad8f05ce2bd56f9676f6d6879904b74e

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:25 GMT
etag: "4c5a40b539c8021936cdb5d17a019d44"
last-modified: Tue, 13 Apr 2021 03:59:01 GMT
server: ECAcc (frc/8F8C)
age: 378325
x-amz-server-side-encryption: AES256
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-request-id: 40C6MK84CFSTW38W
x-amz-version-id: CXEvbw2tqKxY_KEY2oMzttfS2OX9Zz0m
accept-ranges: bytes
content-length: 46879
x-amz-id-2: UPFxJwwnwWmgG/fk8Ad38EH2SqtegRmkcx8KiL8PtWjN//i2c6plkUhmQ4bnAQz1cJz8rkAI/1A=

GET
H2 200 jquery.min.js Show response
app.real.discount/vendor/jquery/dist/ 86 KB
31 KB 222ms
219ms Script
application/javascript 67.205.1.188
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.real.discount/vendor/jquery/dist/jquery.min.js
Requested by: Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.1.188 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps569021.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

:path: /vendor/jquery/dist/jquery.min.js
pragma: no-cache
cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJjc3JmX3Rva2VuIjoiMGEyNmY2YmVmMWM4NTM5Y2RjNTg0ZmY2ZTNmODgyN2NlNjhhMjVlMyJ9.YH3R4A.DKPpROAry3J33tq_XNqtsG8jkcA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: app.real.discount
referer: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:25 GMT
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 10:11:52 GMT
server: Apache
x-powered-by: Phusion Passenger 5.0.30
etag: "1607335912.0-88145-1904156026-gzip"
vary: Cookie,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
status: 200 OK
cache-control: public, max-age=31536000
set-cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJjc3JmX3Rva2VuIjoiMGEyNmY2YmVmMWM4NTM5Y2RjNTg0ZmY2ZTNmODgyN2NlNjhhMjVlMyJ9.YH3R4Q.GDG4DNnLbAH1NfYrJmT_OygGw0A; Expires=Mon, 19-Apr-2021 19:54:25 GMT; HttpOnly; Path=/
expires: Tue, 20 Apr 2021 06:54:25 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
app.real.discount/vendor/bootstrap/dist/js/ 79 KB
23 KB 124ms
121ms Script
application/javascript 67.205.1.188
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.real.discount/vendor/bootstrap/dist/js/bootstrap.bundle.min.js
Requested by: Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.1.188 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps569021.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: 394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e

Request headers

:path: /vendor/bootstrap/dist/js/bootstrap.bundle.min.js
pragma: no-cache
cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJjc3JmX3Rva2VuIjoiMGEyNmY2YmVmMWM4NTM5Y2RjNTg0ZmY2ZTNmODgyN2NlNjhhMjVlMyJ9.YH3R4A.DKPpROAry3J33tq_XNqtsG8jkcA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: app.real.discount
referer: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:25 GMT
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 10:11:52 GMT
server: Apache
x-powered-by: Phusion Passenger 5.0.30
etag: "1607335912.0-80698-2150900650-gzip"
vary: Cookie,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
status: 200 OK
cache-control: public, max-age=31536000
set-cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJjc3JmX3Rva2VuIjoiMGEyNmY2YmVmMWM4NTM5Y2RjNTg0ZmY2ZTNmODgyN2NlNjhhMjVlMyJ9.YH3R4Q.GDG4DNnLbAH1NfYrJmT_OygGw0A; Expires=Mon, 19-Apr-2021 19:54:25 GMT; HttpOnly; Path=/
expires: Tue, 20 Apr 2021 06:54:25 GMT

GET
H2 200 js.cookie.js Show response
app.real.discount/vendor/js-cookie/ 4 KB
2 KB 123ms
120ms Script
application/javascript 67.205.1.188
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.real.discount/vendor/js-cookie/js.cookie.js
Requested by: Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.1.188 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps569021.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: 6533050afa2e853568cd4b0b8048ed64e94963e38088b226575a7cca8054f4e2

Request headers

:path: /vendor/js-cookie/js.cookie.js
pragma: no-cache
cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJjc3JmX3Rva2VuIjoiMGEyNmY2YmVmMWM4NTM5Y2RjNTg0ZmY2ZTNmODgyN2NlNjhhMjVlMyJ9.YH3R4A.DKPpROAry3J33tq_XNqtsG8jkcA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: app.real.discount
referer: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:25 GMT
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 10:11:52 GMT
server: Apache
x-powered-by: Phusion Passenger 5.0.30
etag: "1607335912.0-3886-329522158-gzip"
vary: Cookie,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
status: 200 OK
cache-control: public, max-age=31536000
set-cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJjc3JmX3Rva2VuIjoiMGEyNmY2YmVmMWM4NTM5Y2RjNTg0ZmY2ZTNmODgyN2NlNjhhMjVlMyJ9.YH3R4Q.GDG4DNnLbAH1NfYrJmT_OygGw0A; Expires=Mon, 19-Apr-2021 19:54:25 GMT; HttpOnly; Path=/
content-length: 1485
expires: Tue, 20 Apr 2021 06:54:25 GMT

GET
H2 200 jquery.scrollbar.min.js Show response
app.real.discount/vendor/jquery.scrollbar/ 13 KB
5 KB 123ms
121ms Script
application/javascript 67.205.1.188
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.real.discount/vendor/jquery.scrollbar/jquery.scrollbar.min.js
Requested by: Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.1.188 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps569021.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: 95cafb5c72abcbea04a038bfc7197eff0f8b5d70304256be7abc6ac600a6ee6d

Request headers

:path: /vendor/jquery.scrollbar/jquery.scrollbar.min.js
pragma: no-cache
cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJjc3JmX3Rva2VuIjoiMGEyNmY2YmVmMWM4NTM5Y2RjNTg0ZmY2ZTNmODgyN2NlNjhhMjVlMyJ9.YH3R4A.DKPpROAry3J33tq_XNqtsG8jkcA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: app.real.discount
referer: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:25 GMT
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 10:11:52 GMT
server: Apache
x-powered-by: Phusion Passenger 5.0.30
etag: "1607335912.0-13041-1619403643-gzip"
vary: Cookie,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
status: 200 OK
cache-control: public, max-age=31536000
set-cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJjc3JmX3Rva2VuIjoiMGEyNmY2YmVmMWM4NTM5Y2RjNTg0ZmY2ZTNmODgyN2NlNjhhMjVlMyJ9.YH3R4Q.GDG4DNnLbAH1NfYrJmT_OygGw0A; Expires=Mon, 19-Apr-2021 19:54:25 GMT; HttpOnly; Path=/
content-length: 4377
expires: Tue, 20 Apr 2021 06:54:25 GMT

GET
H2 200 jquery-scrollLock.min.js Show response
app.real.discount/vendor/jquery-scroll-lock/dist/ 5 KB
2 KB 221ms
219ms Script
application/javascript 67.205.1.188
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.real.discount/vendor/jquery-scroll-lock/dist/jquery-scrollLock.min.js
Requested by: Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.1.188 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps569021.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: 3ec49404c2e842eaeb5786f9dbce5b10272d149994064b326aff12f61e91915c

Request headers

:path: /vendor/jquery-scroll-lock/dist/jquery-scrollLock.min.js
pragma: no-cache
cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJjc3JmX3Rva2VuIjoiMGEyNmY2YmVmMWM4NTM5Y2RjNTg0ZmY2ZTNmODgyN2NlNjhhMjVlMyJ9.YH3R4A.DKPpROAry3J33tq_XNqtsG8jkcA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: app.real.discount
referer: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:25 GMT
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 10:11:52 GMT
server: Apache
x-powered-by: Phusion Passenger 5.0.30
etag: "1607335912.0-4636-2194744913-gzip"
vary: Cookie,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
status: 200 OK
cache-control: public, max-age=31536000
set-cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJjc3JmX3Rva2VuIjoiMGEyNmY2YmVmMWM4NTM5Y2RjNTg0ZmY2ZTNmODgyN2NlNjhhMjVlMyJ9.YH3R4Q.GDG4DNnLbAH1NfYrJmT_OygGw0A; Expires=Mon, 19-Apr-2021 19:54:25 GMT; HttpOnly; Path=/
content-length: 1636
expires: Tue, 20 Apr 2021 06:54:25 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 11ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Origin: https://app.real.discount
Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:25 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1618858465.dop011.fr8.t,1618858465.cds253.fr8.hn,1618858465.cds142.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 moment-with-locales.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/ 361 KB
58 KB 38ms
22ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/moment-with-locales.min.js

Requested by

Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1374a7c31e85e2dec3880fcbdc380f93a227d8cd7be3b2526aefb73d68ed4b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://app.real.discount
Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 928338
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58892
cf-request-id: 098d14ef1c00000621e188b000000001
timing-allow-origin: *
last-modified: Tue, 06 Oct 2020 12:01:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7c5ca4-5a218"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oou3m9aVM41mMozIWJinv%2BfVBw8MZU8xXVba87lkGvIVVvV1mUJa7dOiqW9lDaJYGvX729tfJSC3z5WqHe8O1DIxpDMEgBzq7vHSWlPM4alNB3QAEvdD81xRgUdUVR4Kag%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6428575e8d200621-FRA
expires: Sat, 09 Apr 2022 18:54:25 GMT

GET
H2 200 argon.min.js Show response
app.real.discount/js/ 11 KB
4 KB 226ms
224ms Script
application/javascript 67.205.1.188
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.real.discount/js/argon.min.js
Requested by: Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.1.188 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps569021.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: dc1cc85032b4c67c0340b178cd2f16789b6a30837da6089e873549d5891d830f

Request headers

:path: /js/argon.min.js
pragma: no-cache
cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJjc3JmX3Rva2VuIjoiMGEyNmY2YmVmMWM4NTM5Y2RjNTg0ZmY2ZTNmODgyN2NlNjhhMjVlMyJ9.YH3R4A.DKPpROAry3J33tq_XNqtsG8jkcA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: app.real.discount
referer: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:25 GMT
content-encoding: gzip
last-modified: Tue, 06 Apr 2021 17:59:27 GMT
server: Apache
x-powered-by: Phusion Passenger 5.0.30
etag: "1617731967.0-11468-2897483406-gzip"
vary: Cookie,Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
status: 200 OK
cache-control: public, max-age=31536000
set-cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJjc3JmX3Rva2VuIjoiMGEyNmY2YmVmMWM4NTM5Y2RjNTg0ZmY2ZTNmODgyN2NlNjhhMjVlMyJ9.YH3R4Q.GDG4DNnLbAH1NfYrJmT_OygGw0A; Expires=Mon, 19-Apr-2021 19:54:25 GMT; HttpOnly; Path=/
content-length: 3945
expires: Tue, 20 Apr 2021 06:54:25 GMT

GET
H2 200 all.min.css
app.real.discount/vendor/%40fortawesome/fontawesome-free/css/ 56 KB
12 KB 225ms
224ms Stylesheet
text/css 67.205.1.188
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.real.discount/vendor/%40fortawesome/fontawesome-free/css/all.min.css
Requested by: Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.1.188 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps569021.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd

Request headers

:path: /vendor/%40fortawesome/fontawesome-free/css/all.min.css
pragma: no-cache
cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJjc3JmX3Rva2VuIjoiMGEyNmY2YmVmMWM4NTM5Y2RjNTg0ZmY2ZTNmODgyN2NlNjhhMjVlMyJ9.YH3R4A.DKPpROAry3J33tq_XNqtsG8jkcA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: app.real.discount
referer: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:25 GMT
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 10:11:52 GMT
server: Apache
x-powered-by: Phusion Passenger 5.0.30
etag: "1607335912.0-57180-268117254-gzip"
vary: Cookie,Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
status: 200 OK
cache-control: public, max-age=31536000
set-cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJjc3JmX3Rva2VuIjoiMGEyNmY2YmVmMWM4NTM5Y2RjNTg0ZmY2ZTNmODgyN2NlNjhhMjVlMyJ9.YH3R4Q.GDG4DNnLbAH1NfYrJmT_OygGw0A; Expires=Mon, 19-Apr-2021 19:54:25 GMT; HttpOnly; Path=/
expires: Tue, 20 Apr 2021 06:54:25 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 80 KB
31 KB 20ms
18ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P97D3C3

Requested by

Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e5e63e83fa093c2344bb95bbd92699dc739ffb0e1c8b90f4c22b5ada928724cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31988
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Apr 2021 18:54:25 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
151 B 13ms
12ms Ping
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-E1CQ0K2FL6&gtm=2oe472&_p=772465357&sr=1600x1200&_gaz=1&ul=en-us&cid=1914813367.1618858465&_s=1&dl=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&dt=%5B100%25%20Off%5D%20Advance%20Bug%20Bounty%20Hunting%20%26%20Penetration%20Testing%20Course%202021&sid=1618858465&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E1CQ0K2FL6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.real.discount
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
75 B 16ms
15ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-E1CQ0K2FL6&cid=1914813367.1618858465&gtm=2oe472&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E1CQ0K2FL6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.real.discount
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-E1CQ0K2FL6&cid=1914813367.1618858465&gtm=2oe472&aip=1&z=1217843761

Requested by

Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210415/r20190131/ 222 KB
83 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210415/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8859084410354944&plah=app.real.discount&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f54415e29eb70befe2473a69a097e33e3f1e90376016243b2af5173f2c87bd23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84655
x-xss-protection: 0
server: cafe
etag: 16615013293570182620
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 19 Apr 2021 18:54:25 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210415/r20190131/ Frame 71BD 10 KB
5 KB 5ms
5ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210415/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210415/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://app.real.discount/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://app.real.discount/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Apr 2021 14:54:34 GMT
expires: Mon, 03 May 2021 14:54:34 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 14391
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 124 KB
47 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RQMJ6WTW77&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E1CQ0K2FL6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

36f0eaed803112dbc7db74a15cc241a94f0b417b0c725379fc47715edfa44259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:25 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48581
x-xss-protection: 0
expires: Mon, 19 Apr 2021 18:54:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P97D3C3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 3483
date: Mon, 19 Apr 2021 17:56:22 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Mon, 19 Apr 2021 19:56:22 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=772465357&t=pageview&_s=1&dl=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&ul=en-us&de=UTF-8&dt=%5B100%25%20Off%5D%20Advance%20Bug%20Bounty%20Hunting%20%26%20Penetration%20Testing%20Course%202021&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=814440118&gjid=1358481741&cid=1914813367.1618858465&tid=UA-9827766-8&_gid=1153812649.1618858465&_r=1&gtm=2wg472P97D3C3&z=1382498607

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.real.discount
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-RQMJ6WTW77&gtm=2oe472&_p=772465357&sr=1600x1200&ul=en-us&cid=1914813367.1618858465&_s=1&dl=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&dt=%5B100%25%20Off%5D%20Advance%20Bug%20Bounty%20Hunting%20%26%20Penetration%20Testing%20Course%202021&sid=1618858465&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RQMJ6WTW77&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.real.discount
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 30ms
16ms XHR
text/plain 2a00:1450:400c:c0d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-9827766-8&cid=1914813367.1618858465&jid=814440118&gjid=1358481741&_gid=1153812649.1618858465&_u=YADAAEAAAAAAAC~&z=430519284

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 19 Apr 2021 18:54:25 GMT
content-type: text/plain
access-control-allow-origin: https://app.real.discount
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
642 B 38ms
15ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=app.real.discount&callback=_gfp_s_&client=ca-pub-8859084410354944

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210415/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8859084410354944&plah=app.real.discount&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

d12cbe4ca4978c19e7be601b110841b98af865d13e9dda430fcaee1885ea95a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=app.real.discount

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Apr 2021 18:54:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=app.real.discount

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Apr 2021 18:54:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4F4B 17 KB
1 KB 95ms
94ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&adk=1812271804&adf=3025194257&lmt=1618858465&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465084&bpp=21&bdt=68&idt=99&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8621627863973&frm=20&pv=2&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&dtd=111

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9efd25069e5ec6205a1816c7dca5ef1b28d480657623541a37eec116b4c861f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8859084410354944&output=html&adk=1812271804&adf=3025194257&lmt=1618858465&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465084&bpp=21&bdt=68&idt=99&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8621627863973&frm=20&pv=2&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&dtd=111
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://app.real.discount/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://app.real.discount/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 19 Apr 2021 18:54:25 GMT
server: cafe
content-length: 1352
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 19-Apr-2021 19:09:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Apr 2021 18:54:25 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423639646658"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Mon, 19 Apr 2021 18:54:25 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-9827766-8&cid=1914813367.1618858465&jid=814440118&_u=YADAAEAAAAAAAC~&z=1425266235

Requested by

Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 44ms
29ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-9827766-8&cid=1914813367.1618858465&jid=814440118&_u=YADAAEAAAAAAAC~&z=1425266235

Requested by

Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 35ms
21ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=app.real.discount

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Apr 2021 18:54:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=app.real.discount

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Apr 2021 18:54:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AB63 68 KB
24 KB 724ms
724ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=2722570078&adf=2045022346&pi=t.ma~as.2787297283&w=856&fwrn=4&fwrnh=100&lmt=1618858465&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465571&bpp=34&bdt=555&idt=35&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df85be8207b13ac3f-22cf10a19aa7008a%3AT%3D1618858465%3ART%3D1618858465%3AS%3DALNI_ManJgMKSX9PHqAmue4vkO3mQEgLtQ&prev_fmts=0x0&nras=1&correlator=8621627863973&frm=20&pv=1&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=45&ady=1032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dOTFOZVdRE&p=https%3A//app.real.discount&dtd=41

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca06d4df16402579167fb416222eed39a86060509e52d4f944310c5be953800c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=2722570078&adf=2045022346&pi=t.ma~as.2787297283&w=856&fwrn=4&fwrnh=100&lmt=1618858465&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465571&bpp=34&bdt=555&idt=35&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df85be8207b13ac3f-22cf10a19aa7008a%3AT%3D1618858465%3ART%3D1618858465%3AS%3DALNI_ManJgMKSX9PHqAmue4vkO3mQEgLtQ&prev_fmts=0x0&nras=1&correlator=8621627863973&frm=20&pv=1&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=45&ady=1032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dOTFOZVdRE&p=https%3A//app.real.discount&dtd=41
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://app.real.discount/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://app.real.discount/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 19 Apr 2021 18:54:26 GMT
server: cafe
content-length: 24252
x-xss-protection: 0
set-cookie: IDE=AHWqTUlOpGlTTa6WQ1pBUx_kFZYAqkOiRQADvl-9q1SDD6eNzZInHCDrDAi7BSPRjz4; expires=Sat, 14-May-2022 18:54:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Apr 2021 18:54:26 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 418C 83 KB
29 KB 346ms
346ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=5010801252&adk=3025925753&adf=1566376281&pi=t.ma~as.5010801252&w=624&fwrn=4&fwrnh=100&lmt=1618858465&rafmt=1&psa=0&format=624x280&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465618&bpp=3&bdt=601&idt=3&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df85be8207b13ac3f-22cf10a19aa7008a%3AT%3D1618858465%3ART%3D1618858465%3AS%3DALNI_ManJgMKSX9PHqAmue4vkO3mQEgLtQ&prev_fmts=0x0%2C856x280&nras=1&correlator=8621627863973&frm=20&pv=1&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=946&ady=236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=1Bor6sHWXe&p=https%3A//app.real.discount&dtd=5

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f0adc8cb0bf022a1ea34410d5dfded4a8bcda1030174a7ba6fa72392a7510ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=5010801252&adk=3025925753&adf=1566376281&pi=t.ma~as.5010801252&w=624&fwrn=4&fwrnh=100&lmt=1618858465&rafmt=1&psa=0&format=624x280&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465618&bpp=3&bdt=601&idt=3&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df85be8207b13ac3f-22cf10a19aa7008a%3AT%3D1618858465%3ART%3D1618858465%3AS%3DALNI_ManJgMKSX9PHqAmue4vkO3mQEgLtQ&prev_fmts=0x0%2C856x280&nras=1&correlator=8621627863973&frm=20&pv=1&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=946&ady=236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=1Bor6sHWXe&p=https%3A//app.real.discount&dtd=5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://app.real.discount/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://app.real.discount/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 19 Apr 2021 18:54:25 GMT
server: cafe
content-length: 29310
x-xss-protection: 0
set-cookie: IDE=AHWqTUnyLI-T1s6-py8G_Lpdb2uyZEKSeVsL6Cq1yHyuybh0a3ch8TsbLg1lEd2N4nc; expires=Sat, 14-May-2022 18:54:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Apr 2021 18:54:25 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5AF0 75 KB
26 KB 610ms
610ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=9496841175&adk=2601035841&adf=4123248157&pi=t.ma~as.9496841175&w=547&fwrn=4&fwrnh=100&lmt=1618858465&rafmt=1&psa=0&format=547x280&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465650&bpp=14&bdt=634&idt=14&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df85be8207b13ac3f-22cf10a19aa7008a%3AT%3D1618858465%3ART%3D1618858465%3AS%3DALNI_ManJgMKSX9PHqAmue4vkO3mQEgLtQ&prev_fmts=0x0%2C856x280%2C624x280&nras=1&correlator=8621627863973&frm=20&pv=1&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1023&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Ulm73dCCYM&p=https%3A//app.real.discount&dtd=16

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbd687806427c3acc597388ff83ff0915b17d70d0811899cfd81f87d9a4146de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=9496841175&adk=2601035841&adf=4123248157&pi=t.ma~as.9496841175&w=547&fwrn=4&fwrnh=100&lmt=1618858465&rafmt=1&psa=0&format=547x280&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465650&bpp=14&bdt=634&idt=14&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df85be8207b13ac3f-22cf10a19aa7008a%3AT%3D1618858465%3ART%3D1618858465%3AS%3DALNI_ManJgMKSX9PHqAmue4vkO3mQEgLtQ&prev_fmts=0x0%2C856x280%2C624x280&nras=1&correlator=8621627863973&frm=20&pv=1&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1023&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Ulm73dCCYM&p=https%3A//app.real.discount&dtd=16
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://app.real.discount/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://app.real.discount/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 19 Apr 2021 18:54:26 GMT
server: cafe
content-length: 26160
x-xss-protection: 0
set-cookie: IDE=AHWqTUlrePsWlhBduPBoDv8eXefdix5iDyewtFTWD9nChYTOJgpBtMUJpZjTqsuc6aM; expires=Sat, 14-May-2022 18:54:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Apr 2021 18:54:26 GMT
cache-control: private

GET
H2 200 fa-solid-900.woff2
app.real.discount/vendor/%40fortawesome/fontawesome-free/webfonts/ 74 KB
75 KB 113ms
112ms Font
font/woff2 67.205.1.188
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.real.discount/vendor/%40fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2
Requested by: Host: app.real.discount
URL: https://app.real.discount/vendor/%40fortawesome/fontawesome-free/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.1.188 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps569021.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: 787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4

Request headers

sec-fetch-mode: cors
origin: https://app.real.discount
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga_E1CQ0K2FL6=GS1.1.1618858465.1.0.1618858465.60; _gid=GA1.2.1153812649.1618858465; session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJjc3JmX3Rva2VuIjoiMGEyNmY2YmVmMWM4NTM5Y2RjNTg0ZmY2ZTNmODgyN2NlNjhhMjVlMyJ9.YH3R4Q.GDG4DNnLbAH1NfYrJmT_OygGw0A; _gat_UA-9827766-8=1; _ga_RQMJ6WTW77=GS1.1.1618858465.1.0.1618858465.0; _ga=GA1.1.1914813367.1618858465; __gads=ID=f85be8207b13ac3f-22cf10a19aa7008a:T=1618858465:RT=1618858465:S=ALNI_ManJgMKSX9PHqAmue4vkO3mQEgLtQ; sidenav-state=pinned
:path: /vendor/%40fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: app.real.discount
referer: https://app.real.discount/vendor/%40fortawesome/fontawesome-free/css/all.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://app.real.discount
Referer: https://app.real.discount/vendor/%40fortawesome/fontawesome-free/css/all.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:25 GMT
last-modified: Mon, 07 Dec 2020 10:11:52 GMT
server: Apache
x-powered-by: Phusion Passenger 5.0.30
etag: "1607335912.0-76084-3921225962"
vary: Cookie,User-Agent
content-type: font/woff2
status: 200 OK
cache-control: public, max-age=31536000
set-cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJjc3JmX3Rva2VuIjoiMGEyNmY2YmVmMWM4NTM5Y2RjNTg0ZmY2ZTNmODgyN2NlNjhhMjVlMyJ9.YH3R4Q.GDG4DNnLbAH1NfYrJmT_OygGw0A; Expires=Mon, 19-Apr-2021 19:54:25 GMT; HttpOnly; Path=/
content-length: 76084
expires: Tue, 20 Apr 2021 06:54:25 GMT

GET
H2 200 fa-brands-400.woff2
app.real.discount/vendor/%40fortawesome/fontawesome-free/webfonts/ 74 KB
75 KB 112ms
111ms Font
font/woff2 67.205.1.188
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.real.discount/vendor/%40fortawesome/fontawesome-free/webfonts/fa-brands-400.woff2
Requested by: Host: app.real.discount
URL: https://app.real.discount/vendor/%40fortawesome/fontawesome-free/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.1.188 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps569021.dreamhostps.com
Software: Apache / Phusion Passenger 5.0.30
Resource Hash: 8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b

Request headers

sec-fetch-mode: cors
origin: https://app.real.discount
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga_E1CQ0K2FL6=GS1.1.1618858465.1.0.1618858465.60; _gid=GA1.2.1153812649.1618858465; session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJjc3JmX3Rva2VuIjoiMGEyNmY2YmVmMWM4NTM5Y2RjNTg0ZmY2ZTNmODgyN2NlNjhhMjVlMyJ9.YH3R4Q.GDG4DNnLbAH1NfYrJmT_OygGw0A; _gat_UA-9827766-8=1; _ga_RQMJ6WTW77=GS1.1.1618858465.1.0.1618858465.0; _ga=GA1.1.1914813367.1618858465; __gads=ID=f85be8207b13ac3f-22cf10a19aa7008a:T=1618858465:RT=1618858465:S=ALNI_ManJgMKSX9PHqAmue4vkO3mQEgLtQ; sidenav-state=pinned
:path: /vendor/%40fortawesome/fontawesome-free/webfonts/fa-brands-400.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: app.real.discount
referer: https://app.real.discount/vendor/%40fortawesome/fontawesome-free/css/all.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://app.real.discount
Referer: https://app.real.discount/vendor/%40fortawesome/fontawesome-free/css/all.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:25 GMT
last-modified: Mon, 07 Dec 2020 10:11:52 GMT
server: Apache
x-powered-by: Phusion Passenger 5.0.30
etag: "1607335912.0-75936-325200196"
vary: Cookie,User-Agent
content-type: font/woff2
status: 200 OK
cache-control: public, max-age=31536000
set-cookie: session=eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJjc3JmX3Rva2VuIjoiMGEyNmY2YmVmMWM4NTM5Y2RjNTg0ZmY2ZTNmODgyN2NlNjhhMjVlMyJ9.YH3R4Q.GDG4DNnLbAH1NfYrJmT_OygGw0A; Expires=Mon, 19-Apr-2021 19:54:25 GMT; HttpOnly; Path=/
content-length: 75936
expires: Tue, 20 Apr 2021 06:54:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 418C 3 KB
674 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=5010801252&adk=3025925753&adf=1566376281&pi=t.ma~as.5010801252&w=624&fwrn=4&fwrnh=100&lmt=1618858465&rafmt=1&psa=0&format=624x280&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465618&bpp=3&bdt=601&idt=3&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df85be8207b13ac3f-22cf10a19aa7008a%3AT%3D1618858465%3ART%3D1618858465%3AS%3DALNI_ManJgMKSX9PHqAmue4vkO3mQEgLtQ&prev_fmts=0x0%2C856x280&nras=1&correlator=8621627863973&frm=20&pv=1&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=946&ady=236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=1Bor6sHWXe&p=https%3A//app.real.discount&dtd=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 18:14:29 GMT
server: ESF
date: Mon, 19 Apr 2021 18:54:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Apr 2021 18:54:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5AF0 6 KB
742 B 19ms
19ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=9496841175&adk=2601035841&adf=4123248157&pi=t.ma~as.9496841175&w=547&fwrn=4&fwrnh=100&lmt=1618858465&rafmt=1&psa=0&format=547x280&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465650&bpp=14&bdt=634&idt=14&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df85be8207b13ac3f-22cf10a19aa7008a%3AT%3D1618858465%3ART%3D1618858465%3AS%3DALNI_ManJgMKSX9PHqAmue4vkO3mQEgLtQ&prev_fmts=0x0%2C856x280%2C624x280&nras=1&correlator=8621627863973&frm=20&pv=1&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1023&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Ulm73dCCYM&p=https%3A//app.real.discount&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 18:18:44 GMT
server: ESF
date: Mon, 19 Apr 2021 18:54:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Apr 2021 18:54:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AB63 3 KB
651 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=2722570078&adf=2045022346&pi=t.ma~as.2787297283&w=856&fwrn=4&fwrnh=100&lmt=1618858465&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465571&bpp=34&bdt=555&idt=35&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df85be8207b13ac3f-22cf10a19aa7008a%3AT%3D1618858465%3ART%3D1618858465%3AS%3DALNI_ManJgMKSX9PHqAmue4vkO3mQEgLtQ&prev_fmts=0x0&nras=1&correlator=8621627863973&frm=20&pv=1&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=45&ady=1032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dOTFOZVdRE&p=https%3A//app.real.discount&dtd=41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 18:12:13 GMT
server: ESF
date: Mon, 19 Apr 2021 18:54:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Apr 2021 18:54:26 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 418C 1 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 May 2021 18:50:27 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame 418C 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 5240039360651012885
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 May 2021 18:51:18 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 418C 2 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 May 2021 18:47:45 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 418C 118 KB
36 KB 57ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Mon, 19 Apr 2021 18:54:26 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 418C 13 KB
5 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:52:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 May 2021 18:52:48 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 418C 0
0 53ms
49ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSC5PmwDNrTtyFWYaJ_vrXin4KI1R4mt6JsSSDr45Zr_rBZrjSANQ1juT-fbHo07bBfEaj2zo5Aa2MHZryBj0TP0wWnzQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=5010801252&adk=3025925753&adf=1566376281&pi=t.ma~as.5010801252&w=624&fwrn=4&fwrnh=100&lmt=1618858465&rafmt=1&psa=0&format=624x280&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465618&bpp=3&bdt=601&idt=3&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df85be8207b13ac3f-22cf10a19aa7008a%3AT%3D1618858465%3ART%3D1618858465%3AS%3DALNI_ManJgMKSX9PHqAmue4vkO3mQEgLtQ&prev_fmts=0x0%2C856x280&nras=1&correlator=8621627863973&frm=20&pv=1&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=946&ady=236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=1Bor6sHWXe&p=https%3A//app.real.discount&dtd=5
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 a0b5068ca1fc7f6ff765c7833258ec42.js Show response
www.gstatic.com/mysidia/ Frame 418C 25 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0b5068ca1fc7f6ff765c7833258ec42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 17:21:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 02:07:20 GMT
server: sffe
age: 264760
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10491
x-xss-protection: 0
expires: Thu, 15 Jul 2021 17:21:46 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 5AF0 1 KB
909 B 51ms
48ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 May 2021 18:50:27 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame 5AF0 17 KB
7 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 5240039360651012885
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 May 2021 18:51:18 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 5AF0 2 KB
1 KB 48ms
45ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 May 2021 18:47:45 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5AF0 118 KB
36 KB 49ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Mon, 19 Apr 2021 18:54:26 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 5AF0 13 KB
5 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:52:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 May 2021 18:52:48 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 5AF0 0
0 48ms
43ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS_8EDBXAAxc4NuJrCQwUkKHoVeqN-V5oXSV-yejoqHJVZTG8OVtEG_F-072hzCjvhgl7A5piM2m9sAldJyGJGVo_783w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=9496841175&adk=2601035841&adf=4123248157&pi=t.ma~as.9496841175&w=547&fwrn=4&fwrnh=100&lmt=1618858465&rafmt=1&psa=0&format=547x280&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465650&bpp=14&bdt=634&idt=14&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df85be8207b13ac3f-22cf10a19aa7008a%3AT%3D1618858465%3ART%3D1618858465%3AS%3DALNI_ManJgMKSX9PHqAmue4vkO3mQEgLtQ&prev_fmts=0x0%2C856x280%2C624x280&nras=1&correlator=8621627863973&frm=20&pv=1&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1023&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Ulm73dCCYM&p=https%3A//app.real.discount&dtd=16
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 a0b5068ca1fc7f6ff765c7833258ec42.js Show response
www.gstatic.com/mysidia/ Frame 5AF0 25 KB
10 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0b5068ca1fc7f6ff765c7833258ec42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 17:21:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 02:07:20 GMT
server: sffe
age: 264760
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10491
x-xss-protection: 0
expires: Thu, 15 Jul 2021 17:21:46 GMT

GET
H3-29 200 spam_signals_bundle_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/elements/html/spam_signals/ Frame AB63 6 KB
3 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/elements/html/spam_signals/spam_signals_bundle_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41a39f4628ed5d28c57ab70026f672800fdcdab9580d3957db13645d0c44d4d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 14:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15306
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2925
x-xss-protection: 0
server: cafe
etag: 11749031388657934619
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 May 2021 14:39:20 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame AB63 1 KB
909 B 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 May 2021 18:50:27 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame AB63 17 KB
7 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 5240039360651012885
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 May 2021 18:51:18 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame AB63 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 May 2021 18:47:45 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AB63 118 KB
36 KB 43ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Mon, 19 Apr 2021 18:54:26 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame AB63 13 KB
5 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:52:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 May 2021 18:52:48 GMT

GET
H2 200 a0b5068ca1fc7f6ff765c7833258ec42.js Show response
www.gstatic.com/mysidia/ Frame AB63 25 KB
10 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0b5068ca1fc7f6ff765c7833258ec42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 17:21:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 02:07:20 GMT
server: sffe
age: 264760
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10491
x-xss-protection: 0
expires: Thu, 15 Jul 2021 17:21:46 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9372904917825618820/ Frame 5AF0 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9372904917825618820/downsize_200k_v1?w=200&h=200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1510f761a8d2c42b27f20c15ecd12c88d24e8b3b0456b5bcb2459699d633c4ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:10:09 GMT
x-content-type-options: nosniff
age: 405857
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1541
x-xss-protection: 0
last-modified: Mon, 19 Oct 2020 21:09:40 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Apr 2022 02:10:09 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/524662930735094654/ Frame 5AF0 12 KB
12 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/524662930735094654/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30daed421fa4d25de36419f51cf41b0247c476efba33cb11bcb173582ff335fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:27:12 GMT
x-content-type-options: nosniff
age: 404834
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11862
x-xss-protection: 0
last-modified: Mon, 19 Oct 2020 22:51:24 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Apr 2022 02:27:12 GMT

GET
DATA 200
OK truncated
/ Frame 5AF0 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5AF0 0
0 41ms
41ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CX4nL4dF9YPziKfODjuwPkI69uAyLlKDbYY-5ltrHDeny4YGRDhABIPrPtjNglQKgAe3puaIDyAEJqAMByAPLBKoEmgJP0JL6a3JXncFY42pq5OO3okKk7vlmn9rg4ccspryknWKzzcKW0HYgpGVneEUps4kDe9i4WLUF5gv6QOBYynIWwxxwGX0_VqJ-dotJTz0nQymzMsDIA-NN5WDSlMz84pPYVlw03WqO6uLOZRX56bMKWE6ZC_k0lYhbVoZOHb5o8yfMoPu_5QdTRyEWa5s9OvoERu32sHxLlUdJ6ryPssw65KT3q0g1m6oBewtvYyBVuB4uQFbGCuK5wSHd5eSVrD-rqVV7Sc4SZqu1UCxPibhN1ZmWNoHXUoU3d6y3dYx8o2PXcZEKGqnjVh_noOgqA_qAo-BmyGiINp7Rpac_lC1QT-06YJjwyYsKJMw_UFj7mGaN6Z2bu1h6nkLABIy0o4TDA5IFBAgEGAGSBQQIBRgEoAYugAfVqMsvqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEO_SD9IICQiA4YAQEAEYH4AKAcgLAdgTDIgUAZgWAbIXGgoYCAASFHB1Yi04ODU5MDg0NDEwMzU0OTQ0&sigh=9Z5lAJhy6EU&template_id=484

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=9496841175&adk=2601035841&adf=4123248157&pi=t.ma~as.9496841175&w=547&fwrn=4&fwrnh=100&lmt=1618858465&rafmt=1&psa=0&format=547x280&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465650&bpp=14&bdt=634&idt=14&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df85be8207b13ac3f-22cf10a19aa7008a%3AT%3D1618858465%3ART%3D1618858465%3AS%3DALNI_ManJgMKSX9PHqAmue4vkO3mQEgLtQ&prev_fmts=0x0%2C856x280%2C624x280&nras=1&correlator=8621627863973&frm=20&pv=1&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1023&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Ulm73dCCYM&p=https%3A//app.real.discount&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Apr 2021 18:54:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 19 Apr 2021 18:54:26 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BCB2 143 B
222 B 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=5010801252&adk=3025925753&adf=1566376281&pi=t.ma~as.5010801252&w=624&fwrn=4&fwrnh=100&lmt=1618858465&rafmt=1&psa=0&format=624x280&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465618&bpp=3&bdt=601&idt=3&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df85be8207b13ac3f-22cf10a19aa7008a%3AT%3D1618858465%3ART%3D1618858465%3AS%3DALNI_ManJgMKSX9PHqAmue4vkO3mQEgLtQ&prev_fmts=0x0%2C856x280&nras=1&correlator=8621627863973&frm=20&pv=1&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=946&ady=236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=1Bor6sHWXe&p=https%3A//app.real.discount&dtd=5
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=5010801252&adk=3025925753&adf=1566376281&pi=t.ma~as.5010801252&w=624&fwrn=4&fwrnh=100&lmt=1618858465&rafmt=1&psa=0&format=624x280&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465618&bpp=3&bdt=601&idt=3&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df85be8207b13ac3f-22cf10a19aa7008a%3AT%3D1618858465%3ART%3D1618858465%3AS%3DALNI_ManJgMKSX9PHqAmue4vkO3mQEgLtQ&prev_fmts=0x0%2C856x280&nras=1&correlator=8621627863973&frm=20&pv=1&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=946&ady=236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=1Bor6sHWXe&p=https%3A//app.real.discount&dtd=5

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 19 Apr 2021 18:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 780
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FCD6 1 KB
864 B 6ms
5ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Apr 2021 03:14:09 GMT
expires: Tue, 20 Apr 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 56417
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F50C 1 KB
783 B 5ms
5ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Apr 2021 03:14:09 GMT
expires: Tue, 20 Apr 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 56417
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 418C 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2093251054932a90385e3b24dc9f37c9ef85b369022a834d71ec6dc364aac483

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5AF0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47d869c90bccd71136b5ec0149ea5e45277f00cb31281bac51d926de08d8856a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 418C 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 118248
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 418C 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 406284
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 15 Apr 2022 02:03:02 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame AB63 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Copmu4dF9YMS9JovO3gOKjJ84-emV1GGrsqeqqg3AjbcBEAEg-s-2M2CVAqABqa-pwwHIAQGpAhE59o0DLbQ-qAMByAPDBKoEnQJP0H73Wu3qprDbhGSfUKzeyV6sY9HuaOhyPdjPHbNwfwCPy5JFzIznQr52AZyzYzunOEYLRX5LK0P8MGoGx_Y8g3WpQiMZo0lK9gOxZEr38gG7LPnV-3slCs8_w0zKGzDUhEyYErZW-iALgw16V8czqb0Q21h-O_1ha-Ey7hl2qjFG19WMD79_ZfpkheW9NEUf_sSq4HtU4m45lzA778WgQdEQPbs0yABMkryC5p3lILwaZYIj86v23Jq1PKL3ZL235t2roX2wnStrMwNdIBEpeREJ5wpsluMrVc_iNNsJ3bcfbsM4GwbYux_qZz3iR_kVrZnaubLdEH5JWhxlgsq968rBk81RJAx6aEkVFeXnu17gXtde9Kei2y3gCM3ABMi5ibnSA5IFBAgEGAGSBQQIBRgEoAZmgAe_0Na8AqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBRDAkJYB0ggJCIDhgBAQARgfgAoByAsB2BMKiBQD0BUBgBcBshcaChgIABIUcHViLTg4NTkwODQ0MTAzNTQ5NDQ&sigh=xJw81Los2RM

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=2722570078&adf=2045022346&pi=t.ma~as.2787297283&w=856&fwrn=4&fwrnh=100&lmt=1618858465&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465571&bpp=34&bdt=555&idt=35&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df85be8207b13ac3f-22cf10a19aa7008a%3AT%3D1618858465%3ART%3D1618858465%3AS%3DALNI_ManJgMKSX9PHqAmue4vkO3mQEgLtQ&prev_fmts=0x0&nras=1&correlator=8621627863973&frm=20&pv=1&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=45&ady=1032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dOTFOZVdRE&p=https%3A//app.real.discount&dtd=41
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Apr 2021 18:54:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 19 Apr 2021 18:54:26 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C8A4 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=2722570078&adf=2045022346&pi=t.ma~as.2787297283&w=856&fwrn=4&fwrnh=100&lmt=1618858465&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465571&bpp=34&bdt=555&idt=35&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df85be8207b13ac3f-22cf10a19aa7008a%3AT%3D1618858465%3ART%3D1618858465%3AS%3DALNI_ManJgMKSX9PHqAmue4vkO3mQEgLtQ&prev_fmts=0x0&nras=1&correlator=8621627863973&frm=20&pv=1&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=45&ady=1032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dOTFOZVdRE&p=https%3A//app.real.discount&dtd=41
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=2787297283&adk=2722570078&adf=2045022346&pi=t.ma~as.2787297283&w=856&fwrn=4&fwrnh=100&lmt=1618858465&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465571&bpp=34&bdt=555&idt=35&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df85be8207b13ac3f-22cf10a19aa7008a%3AT%3D1618858465%3ART%3D1618858465%3AS%3DALNI_ManJgMKSX9PHqAmue4vkO3mQEgLtQ&prev_fmts=0x0&nras=1&correlator=8621627863973&frm=20&pv=1&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=45&ady=1032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dOTFOZVdRE&p=https%3A//app.real.discount&dtd=41

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 19 Apr 2021 18:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 780
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C243 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Apr 2021 03:14:09 GMT
expires: Tue, 20 Apr 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 56417
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame AB63 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df83eea23421e923de2de6428ad9157673232e5fda661c21b560350d0d9c0a93

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame AB63 21 KB
21 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 406284
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 15 Apr 2022 02:03:02 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame AB63 21 KB
21 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 118248
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 5AF0 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 21:15:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 596318
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Tue, 12 Apr 2022 21:15:48 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 5AF0 15 KB
15 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 04:23:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 138663
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Mon, 18 Apr 2022 04:23:23 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame FCD6 35 B
464 B 32ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPjXKKW64TanvHGJ2fzLE0Y&google_cver=1&google_push=AQvitULd7eaWGzSej0gqdyJlhm1vhBYodttAGFJhXf97jDj_SX3cCdlwalX7NEJS5TlzMEa82NcPvelEKWV9r61IoQxX1mZ2ek1e

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:26 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame FCD6
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUJJhveSMlj1TEbPeYNH17iHlYfcbYcTJqNm_F0...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUgzUjRnQUFCQkZxLVdSTw&google_push=AQvitUJJhveSMlj1TEbPeYNH17iHlYfcbYcTJqNm_F0SYAuQJ_DHBTGbWe8oGq2dlbidMbN85Q-C6BJ68AWfjdEYPf7ABRyz_Aw

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUgzUjRnQUFCQkZxLVdSTw&google_push=AQvitUJJhveSMlj1TEbPeYNH17iHlYfcbYcTJqNm_F0SYAuQJ_DHBTGbWe8oGq2dlbidMbN85Q-C6BJ68AWfjdEYPf7ABRyz_Aw

Requested by

Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUgzUjRnQUFCQkZxLVdSTw&google_push=AQvitUJJhveSMlj1TEbPeYNH17iHlYfcbYcTJqNm_F0SYAuQJ_DHBTGbWe8oGq2dlbidMbN85Q-C6BJ68AWfjdEYPf7ABRyz_Aw
Date: Mon, 19 Apr 2021 18:54:26 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame FCD6
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESECzXGr5Okt4GVqX1Elu6kbs&google_cver=1&google_push=AQvitUKTWN22WE3MBvqkHRPuvOf8PDUnJIWg9QflK-zZM4MzG4uY8u0Oh3SWUhuIcARcau_Kqt8RCviyQdDoo34y2kaNByOMfB1x
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUKTWN22WE3MBvqkHRPuvOf8PDUnJIWg9QflK-zZM4MzG4uY8u0Oh3SWUhuIcARcau_Kqt8RCviyQdDoo34y2kaNByOMfB1x&google_hm=Q0FFU0VDelhHcjVPa3Q0R...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUKTWN22WE3MBvqkHRPuvOf8PDUnJIWg9QflK-zZM4MzG4uY8u0Oh3SWUhuIcARcau_Kqt8RCviyQdDoo34y2kaNByOMfB1x&google_hm=Q0FFU0VDelhHcjVPa3Q0R1ZxWDFFbHU2a2Jz

Requested by

Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 19 Apr 2021 18:54:26 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUKTWN22WE3MBvqkHRPuvOf8PDUnJIWg9QflK-zZM4MzG4uY8u0Oh3SWUhuIcARcau_Kqt8RCviyQdDoo34y2kaNByOMfB1x&google_hm=Q0FFU0VDelhHcjVPa3Q0R1ZxWDFFbHU2a2Jz
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame FCD6
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEFMBlfrylbbMOf0mdgXKxYE&google_cver=1&google_push=AQvitULkE-4HHQ41wC1mkR7kgJWaIaSrJxgAy6-WI63vgJvBjbMK_KxbfGHi36AVtj_qYoR3pQakA_QkA9tRfICNcy_fjtHa9L3T
https://rtb.openx.net/sync/dds?google_gid=CAESEFMBlfrylbbMOf0mdgXKxYE&google_cver=1&google_push=AQvitULkE-4HHQ41wC1mkR7kgJWaIaSrJxgAy6-WI63vgJvBjbMK_KxbfGHi36AVtj_qYoR3pQakA_QkA9tRfICNcy_fjtHa9L3T&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULkE-4HHQ41wC1mkR7kgJWaIaSrJxgAy6-WI63vgJvBjbMK_KxbfGHi36AVtj_qYoR3pQakA_QkA9tRfICNcy_fjtHa9L3T&google_hm=Zd0cKfrYwqwzLix8Inpamw==

170 B
188 B

19ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULkE-4HHQ41wC1mkR7kgJWaIaSrJxgAy6-WI63vgJvBjbMK_KxbfGHi36AVtj_qYoR3pQakA_QkA9tRfICNcy_fjtHa9L3T&google_hm=Zd0cKfrYwqwzLix8Inpamw==

Requested by

Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:26 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULkE-4HHQ41wC1mkR7kgJWaIaSrJxgAy6-WI63vgJvBjbMK_KxbfGHi36AVtj_qYoR3pQakA_QkA9tRfICNcy_fjtHa9L3T&google_hm=Zd0cKfrYwqwzLix8Inpamw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: dl4qhn121ek50vlfgjdq4aetb8hgr611

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame FCD6
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mkCa8fCUQTKnrX31CVjQtg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

22ms
21ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mkCa8fCUQTKnrX31CVjQtg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKEsH0RICa3J6QTlsJGCppRzO-JgZfBUjOb2RBP6a9v7IsnVgZPTiXi6r8wPsQy_kKSleTKpef7lgINknyMQKviW_DbkaM

Requested by

Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mkCa8fCUQTKnrX31CVjQtg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKEsH0RICa3J6QTlsJGCppRzO-JgZfBUjOb2RBP6a9v7IsnVgZPTiXi6r8wPsQy_kKSleTKpef7lgINknyMQKviW_DbkaM
Date: Mon, 19 Apr 2021 18:54:24 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame FCD6
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHP7JpvIaIubwK2FrPJwYpo&google_cver=1&google_push=AQvitUJoWiFl3wFwQWhkTOIx4VQg2lYUiE6xLwO_YppsMPd40peYQ-mkk-87t7acd4kRcgGt_K-...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05PWUo3QkYtMy1BWjJI&google_push=AQvitUJoWiFl3wFwQWhkTOIx4VQg2lYUiE6xLwO_YppsMPd40peYQ-mkk-87t7acd4kRcgGt_K-cy_F5sy6nOJ8AtzrYhCkse0Rq

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05PWUo3QkYtMy1BWjJI&google_push=AQvitUJoWiFl3wFwQWhkTOIx4VQg2lYUiE6xLwO_YppsMPd40peYQ-mkk-87t7acd4kRcgGt_K-cy_F5sy6nOJ8AtzrYhCkse0Rq

Requested by

Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05PWUo3QkYtMy1BWjJI&google_push=AQvitUJoWiFl3wFwQWhkTOIx4VQg2lYUiE6xLwO_YppsMPd40peYQ-mkk-87t7acd4kRcgGt_K-cy_F5sy6nOJ8AtzrYhCkse0Rq
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame FCD6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAAliyzorCSbtCt0wBrvaDE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAAliyzorCSbtCt0wBrvaDE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH3R4itEIB3o6Uad8HMcSwAABKUAAAAB&google_cver=1&google_push=AQvitUIIBF0tWe7p_uTTY-IPL_ox3i3NwhsgwAcG9sG1HfSeeRlPR1-eIxNM3eTn5XEc4FjtQQCT...

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH3R4itEIB3o6Uad8HMcSwAABKUAAAAB&google_cver=1&google_push=AQvitUIIBF0tWe7p_uTTY-IPL_ox3i3NwhsgwAcG9sG1HfSeeRlPR1-eIxNM3eTn5XEc4FjtQQCTm-vVPVCHyuH6UpFDrXMXC5bu&google_gid=CAESEAAliyzorCSbtCt0wBrvaDE

Requested by

Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 19 Apr 2021 18:54:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH3R4itEIB3o6Uad8HMcSwAABKUAAAAB&google_cver=1&google_push=AQvitUIIBF0tWe7p_uTTY-IPL_ox3i3NwhsgwAcG9sG1HfSeeRlPR1-eIxNM3eTn5XEc4FjtQQCTm-vVPVCHyuH6UpFDrXMXC5bu&google_gid=CAESEAAliyzorCSbtCt0wBrvaDE
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Mon, 19 Apr 2021 18:54:26 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame FCD6 0
40 B 41ms
16ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JPd0akqongDkQEelSBiTg0WN4bj5ADtVvfVblsfCUJNB_OaQwCrYW7HItlj1EiUQJ6yB5D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:26 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 418C 0
17 B 44ms
43ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CqAn74dF9YOb8JtL83wPo7ZS4D_npldRh-7KnqqoNwI23ARABIPrPtjNglQKgAamvqcMByAEBqQIROfaNAy20PqgDAcgDwwSqBJ0CT9Aaq6QUJK2KatZc6XR9gGxXeqKmcGcag8lctHUqRgOOu-BFM4LJzz3XzPZPmRcp_PBP2FbVE5wJ6czJkcTyI1Xpl4LyUn5ivnccelnQdZRHAeUnUQFXbk62MXdNhESXqgSSUvpy_oYAqxMWnjyvf4s6XfDj-PPVfKWNlQJj4lK9pqS1wsBElyHYDk3k_J29e1mx8ZexwtqM2EQA2zyWZGVeGz5e7k3aqrUjyS3HWLzOgC6SOmQBadxzMWlUdFzwNGBGY_LRPf_Dw8HmwYtdHHMk0Va1jNq_bNv6DHC71AQyTqJJBYEcCrF5xYLDWBP-HNu1xvXm8Mbk0TQKWXOfslt5IjAlLBGiGhz83ewe2dKY-7Vqsnj3L4u-b8hVwATIuYm50gOSBQQIBBgBkgUECAUYBKAGUYAHv9DWvAKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ6bd70ggJCIDhgBAQARgfgAoByAsB2BMKiBQCshcaChgIABIUcHViLTg4NTkwODQ0MTAzNTQ5NDQ&sigh=dK4LCzA06n4&cbvp=2&vis=1

Requested by

Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=5010801252&adk=3025925753&adf=1566376281&pi=t.ma~as.5010801252&w=624&fwrn=4&fwrnh=100&lmt=1618858465&rafmt=1&psa=0&format=624x280&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465618&bpp=3&bdt=601&idt=3&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df85be8207b13ac3f-22cf10a19aa7008a%3AT%3D1618858465%3ART%3D1618858465%3AS%3DALNI_ManJgMKSX9PHqAmue4vkO3mQEgLtQ&prev_fmts=0x0%2C856x280&nras=1&correlator=8621627863973&frm=20&pv=1&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=946&ady=236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=1Bor6sHWXe&p=https%3A//app.real.discount&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Apr 2021 18:54:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame F50C 35 B
463 B 20ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEP0UKBmiSR5G0f0y5s-DHIs&google_cver=1&google_push=AQvitUIHY2MUU1pjY41yXYEOwFfXvJ4vMXvQuiMhyUSFcMBrldhPLuKT4RRE_U_13VxQLaW_RU-AGlfEhr9BhlMPBYBOIovvxy4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:26 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F50C
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitULho-DX04xZiSLUquP3AjO8-L5PZ6sYv0z3Qnb...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUgzUjRnQUFBRHUxeFVuUQ&google_push=AQvitULho-DX04xZiSLUquP3AjO8-L5PZ6sYv0z3QnbupOenp_KtuArA-koNUwi9vFiBLzxox7kIFo_pEu3v1rv355_AmmuxcVc

170 B
188 B

19ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUgzUjRnQUFBRHUxeFVuUQ&google_push=AQvitULho-DX04xZiSLUquP3AjO8-L5PZ6sYv0z3QnbupOenp_KtuArA-koNUwi9vFiBLzxox7kIFo_pEu3v1rv355_AmmuxcVc

Requested by

Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUgzUjRnQUFBRHUxeFVuUQ&google_push=AQvitULho-DX04xZiSLUquP3AjO8-L5PZ6sYv0z3QnbupOenp_KtuArA-koNUwi9vFiBLzxox7kIFo_pEu3v1rv355_AmmuxcVc
Date: Mon, 19 Apr 2021 18:54:26 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame F50C 43 B
324 B 40ms
17ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEFtcoooWopbnFdmaQNJWm5M&google_push=AQvitUKNGK8RGqh8i3AroJJHW-pzneJ7zQeuIINak5IjT570rMIfPwid3EehV8IUcW1wlSha0VwLInqlKIZdAirsJiPEVMI1nw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=9496841175&adk=2601035841&adf=4123248157&pi=t.ma~as.9496841175&w=547&fwrn=4&fwrnh=100&lmt=1618858465&rafmt=1&psa=0&format=547x280&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465650&bpp=14&bdt=634&idt=14&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df85be8207b13ac3f-22cf10a19aa7008a%3AT%3D1618858465%3ART%3D1618858465%3AS%3DALNI_ManJgMKSX9PHqAmue4vkO3mQEgLtQ&prev_fmts=0x0%2C856x280%2C624x280&nras=1&correlator=8621627863973&frm=20&pv=1&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1023&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Ulm73dCCYM&p=https%3A//app.real.discount&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:26 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F50C
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEPUkxMPDlZypkivGGgQ48Ac&google_cver=1&google_push=AQvitUIypBiSloC4BeMcUZcPSKG_pG2d-Xq-leRnqi2RjOYHePVH7cyzToqmHlNLgjiMN8dvXsGWlYbpVaUmufFO-8Yvd7sxapo
https://rtb.openx.net/sync/dds?google_gid=CAESEPUkxMPDlZypkivGGgQ48Ac&google_cver=1&google_push=AQvitUIypBiSloC4BeMcUZcPSKG_pG2d-Xq-leRnqi2RjOYHePVH7cyzToqmHlNLgjiMN8dvXsGWlYbpVaUmufFO-8Yvd7sxapo&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIypBiSloC4BeMcUZcPSKG_pG2d-Xq-leRnqi2RjOYHePVH7cyzToqmHlNLgjiMN8dvXsGWlYbpVaUmufFO-8Yvd7sxapo&google_hm=Zd0cKfrYwqwzLix8Inpamw==

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIypBiSloC4BeMcUZcPSKG_pG2d-Xq-leRnqi2RjOYHePVH7cyzToqmHlNLgjiMN8dvXsGWlYbpVaUmufFO-8Yvd7sxapo&google_hm=Zd0cKfrYwqwzLix8Inpamw==

Requested by

Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:26 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIypBiSloC4BeMcUZcPSKG_pG2d-Xq-leRnqi2RjOYHePVH7cyzToqmHlNLgjiMN8dvXsGWlYbpVaUmufFO-8Yvd7sxapo&google_hm=Zd0cKfrYwqwzLix8Inpamw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: tget1rdqoddora8h31svunaoesb8ustv

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F50C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_KX3VjBkTx6Y4GnoWGob-w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

20ms
19ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_KX3VjBkTx6Y4GnoWGob-w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKvTMV8nxh6w8ACB_-hlN1ITeIDhW8j0C4XUhzTr53IuyNjupxUyYX9ch0Zhmc1JuO9EDobOGcOzSKIwl8AUdx7YUhP6wk

Requested by

Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_KX3VjBkTx6Y4GnoWGob-w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKvTMV8nxh6w8ACB_-hlN1ITeIDhW8j0C4XUhzTr53IuyNjupxUyYX9ch0Zhmc1JuO9EDobOGcOzSKIwl8AUdx7YUhP6wk
Date: Mon, 19 Apr 2021 18:54:25 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 trk
ag.innovid.com/ Frame F50C 43 B
296 B 68ms
22ms Image
image/gif 2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEK3exAcFFSs7Eyi99ftLctc&google_cver=1&google_push=AQvitUJqEAPv9ykCAyFQLcYzLVgriDSSqV87RuACGEl7PcWvcJCpe1DGBh_N3IkclWo0MQHPNkXK4GBQIBbVrUrF_-lsqMMbiA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8859084410354944&output=html&h=280&slotname=9496841175&adk=2601035841&adf=4123248157&pi=t.ma~as.9496841175&w=547&fwrn=4&fwrnh=100&lmt=1618858465&rafmt=1&psa=0&format=547x280&url=https%3A%2F%2Fapp.real.discount%2Foffer%2Fadvance-bug-bounty-hunting-penetration-testing-course-2021-5552&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618858465650&bpp=14&bdt=634&idt=14&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df85be8207b13ac3f-22cf10a19aa7008a%3AT%3D1618858465%3ART%3D1618858465%3AS%3DALNI_ManJgMKSX9PHqAmue4vkO3mQEgLtQ&prev_fmts=0x0%2C856x280%2C624x280&nras=1&correlator=8621627863973&frm=20&pv=1&ga_vid=1914813367.1618858465&ga_sid=1618858465&ga_hid=772465357&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1023&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C31060614%2C44740079%2C31060828&oid=3&pvsid=1538417577439013&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Ulm73dCCYM&p=https%3A//app.real.discount&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:26 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F50C
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJ-CZxK9LlFZ7LNvnalvfhk&google_cver=1&google_push=AQvitUIq9g6y0164skBTbstn...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIq9g6y0164skBTbstnbkY3qzJdjREYKiN-jf75lyaXnFBJ9lyC4icKCJ_4JquSBpUuFd-LOaFVgSEKMlHdDh_BrsSXwB-8&google_hm=

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIq9g6y0164skBTbstnbkY3qzJdjREYKiN-jf75lyaXnFBJ9lyC4icKCJ_4JquSBpUuFd-LOaFVgSEKMlHdDh_BrsSXwB-8&google_hm=

Requested by

Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:26 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIq9g6y0164skBTbstnbkY3qzJdjREYKiN-jf75lyaXnFBJ9lyC4icKCJ_4JquSBpUuFd-LOaFVgSEKMlHdDh_BrsSXwB-8&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Sun, 18 Apr 2021 18:54:26 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F50C 0
236 B 29ms
15ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L1mN7fxkkh8FpSw86eWQlYJ4gD0SKMMedb3R2OawJ04OYA7OiPflpq0C0KvX7TnjFI59FguQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:26 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BCB2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk8_-SX9C_WVOqW9ybca_-TLLsdZWiHslg-gYrDq8xXNjyJz8M_rh54I2x_fFc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 19 Apr 2021 18:54:26 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 19-Apr-2021 19:54:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Apr 2021 18:54:26 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 19 Apr 2021 18:54:26 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A8F 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 05:34:55 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 47971
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5682
x-xss-protection: 0
expires: Tue, 19 Apr 2022 05:34:55 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame C243 35 B
210 B 15ms
10ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGSdzInvbQ67GvBu9DByJCY&google_cver=1&google_push=AQvitULTllfK6oC_tHmUKVi7eubcO7gtRQp0T86N-8AOhDkQXmhLNERPsvVTmXiXkmQ5tJ3ZaFs8THYWVNrCSvIKf-MlBoVM3Aum

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:26 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C243
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUKouBE7M6eYhMVGW8wb9iwPrB-pd_7mwV64UGHQXqrYIoQEMaADn_EA9mxIbTlgdHZ-4lcWfMoOEunEYRKL42gz2lo9Rrqq&google_gid=CAESEN_a1Je9rPzmgJfIfGXJU-M&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOKj94MGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVLb3VCRTdNNmVZaE1WR1c4d2I5aXdQckItcGRfN213VjY0VUdIUVhxcllJb1FFTWFBRG5fRUE5bXhJYlRsZ2RIWi00bGNXZk1vT0V1bkVZUk...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdVpUelZ5X05Nblk4TjFpOUp5RTUzN0RCMXhQN0hwUEEtSnZpcGZkMG9Baw==&google_push

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdVpUelZ5X05Nblk4TjFpOUp5RTUzN0RCMXhQN0hwUEEtSnZpcGZkMG9Baw==&google_push

Requested by

Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 19 Apr 2021 18:54:26 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdVpUelZ5X05Nblk4TjFpOUp5RTUzN0RCMXhQN0hwUEEtSnZpcGZkMG9Baw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C243
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUL6-Foq...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUL6-Foq...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTkxODU0Mjc1NjA4ODI3MjUzMTc4Nw%3D%3D&google_push=AQvitUL6-FoqEZWQZW54Hy_C9P7WlKzatD1zZ_44MjIm1EJTWa-Ogxxw9lhjV8LXL1mjhD...

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTkxODU0Mjc1NjA4ODI3MjUzMTc4Nw%3D%3D&google_push=AQvitUL6-FoqEZWQZW54Hy_C9P7WlKzatD1zZ_44MjIm1EJTWa-Ogxxw9lhjV8LXL1mjhD3TAcbUc3gGI-mVqGSonRyqJcvHmhNf

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTkxODU0Mjc1NjA4ODI3MjUzMTc4Nw%3D%3D&google_push=AQvitUL6-FoqEZWQZW54Hy_C9P7WlKzatD1zZ_44MjIm1EJTWa-Ogxxw9lhjV8LXL1mjhD3TAcbUc3gGI-mVqGSonRyqJcvHmhNf
Pragma: no-cache
Date: Mon, 19 Apr 2021 18:54:27 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C243
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEKsuaJN9GcgopqCvGC1ROK8&google_cver=1&google_push=AQvitULoHQOpNcVvQxy2d_6CtyzMC1ykJ3IS84XMM-JL77tl7d0b96CM49NTIGQFHGIdTWc35tWJkxk7E8V6LL7ZQs8CmgNQyqNn
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULoHQOpNcVvQxy2d_6CtyzMC1ykJ3IS84XMM-JL77tl7d0b96CM49NTIGQFHGIdTWc35tWJkxk7E8V6LL7ZQs8CmgNQyqNn&google_hm=Zd0cKfrYwqwzLix8Inpamw==

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULoHQOpNcVvQxy2d_6CtyzMC1ykJ3IS84XMM-JL77tl7d0b96CM49NTIGQFHGIdTWc35tWJkxk7E8V6LL7ZQs8CmgNQyqNn&google_hm=Zd0cKfrYwqwzLix8Inpamw==

Requested by

Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:26 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULoHQOpNcVvQxy2d_6CtyzMC1ykJ3IS84XMM-JL77tl7d0b96CM49NTIGQFHGIdTWc35tWJkxk7E8V6LL7ZQs8CmgNQyqNn&google_hm=Zd0cKfrYwqwzLix8Inpamw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: c1nk13tlgocmsienqeui796q9vb2aitt

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C243
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j04twkxQT--KhgwigBXhaA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j04twkxQT--KhgwigBXhaA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIFjhnQGvWWtRPFAKBn2xNsgtuOpQV7Zzh-ZK-D6__hynmsuWB8UwCuTXPso-HiRr9ipp1l6FPG2-6iPZGPp7BEDWRKCX38

Requested by

Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j04twkxQT--KhgwigBXhaA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIFjhnQGvWWtRPFAKBn2xNsgtuOpQV7Zzh-ZK-D6__hynmsuWB8UwCuTXPso-HiRr9ipp1l6FPG2-6iPZGPp7BEDWRKCX38
Date: Mon, 19 Apr 2021 18:54:26 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C243
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAUWHaMmb4LyvBfMzcGHGpQ&google_cver=1&google_push=AQvitULpaPwAC2suoB5Fc_HBOqdWKsTB_FhNI0FeIbk-iQyq7shSwHtJJC2zEcYXNDwrTrs-iuD...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05PWUo3QzYtMVAtRlpSNg==&google_push=AQvitULpaPwAC2suoB5Fc_HBOqdWKsTB_FhNI0FeIbk-iQyq7shSwHtJJC2zEcYXNDwrTrs-iuDjs0Khw0Ii548GH-NO_5kofp_3

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05PWUo3QzYtMVAtRlpSNg==&google_push=AQvitULpaPwAC2suoB5Fc_HBOqdWKsTB_FhNI0FeIbk-iQyq7shSwHtJJC2zEcYXNDwrTrs-iuDjs0Khw0Ii548GH-NO_5kofp_3

Requested by

Host: app.real.discount
URL: https://app.real.discount/offer/advance-bug-bounty-hunting-penetration-testing-course-2021-5552

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05PWUo3QzYtMVAtRlpSNg==&google_push=AQvitULpaPwAC2suoB5Fc_HBOqdWKsTB_FhNI0FeIbk-iQyq7shSwHtJJC2zEcYXNDwrTrs-iuDjs0Khw0Ii548GH-NO_5kofp_3
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C243
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPfmFQ4tdFBAiQsMkC6V1-M&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPfmFQ4tdFBAiQsMkC6V1-M&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH3R4itEIB3o6Uad8HMcSwAABKUAAAAB&google_gid=CAESEPfmFQ4tdFBAiQsMkC6V1-M&google_cver=1&google_push=AQvitUJRu9oDIJE3GJ3IETc-ayS9AYu0utqGc...

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH3R4itEIB3o6Uad8HMcSwAABKUAAAAB&google_gid=CAESEPfmFQ4tdFBAiQsMkC6V1-M&google_cver=1&google_push=AQvitUJRu9oDIJE3GJ3IETc-ayS9AYu0utqGc7GNjVTtLVxOECd9KLcaab9d_YcsWdv-qb6SZylCFSuweFyCCuAJiAY7tQp1ItE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 19 Apr 2021 18:54:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH3R4itEIB3o6Uad8HMcSwAABKUAAAAB&google_gid=CAESEPfmFQ4tdFBAiQsMkC6V1-M&google_cver=1&google_push=AQvitUJRu9oDIJE3GJ3IETc-ayS9AYu0utqGc7GNjVTtLVxOECd9KLcaab9d_YcsWdv-qb6SZylCFSuweFyCCuAJiAY7tQp1ItE
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Mon, 19 Apr 2021 18:54:26 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame C243 0
12 B 38ms
35ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JXdKJKoA0hyM9aiZ5wHpY6BKorEyzWNQDZ2TE0oYmrNwsMEQznnpXHyDm8E6SiWJCnlJfL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:26 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js Show response
pagead2.googlesyndication.com/bg/ Frame E95F 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 05:34:55 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 47971
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5682
x-xss-protection: 0
expires: Tue, 19 Apr 2022 05:34:55 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C8A4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk8_-SX9C_WVOqW9ybca_-TLLsdZWiHslg-gYrDq8xXNjyJz8M_rh54I2x_fFc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 19 Apr 2021 18:54:26 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 19-Apr-2021 19:54:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Apr 2021 18:54:26 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 19 Apr 2021 18:54:26 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js Show response
pagead2.googlesyndication.com/bg/ Frame F3DE 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 05:34:55 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 47971
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5682
x-xss-protection: 0
expires: Tue, 19 Apr 2022 05:34:55 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 32ms
18ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210415&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8dcf6b1dd7caaba7e8bbae254a5c5b9da05b9181f474ce7e181a5a68ce1bc93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Apr 2021 18:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6926
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 18:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 19 Apr 2021 18:54:26 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 05FF 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://app.real.discount/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://app.real.discount/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 19 Apr 2021 17:00:59 GMT
expires: Tue, 19 Apr 2022 17:00:59 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6807
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js Show response
pagead2.googlesyndication.com/bg/ Frame 05FF 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 05:34:55 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 47971
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5682
x-xss-protection: 0
expires: Tue, 19 Apr 2022 05:34:55 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210415&jk=1538417577439013&bg=!rq2lrenNAAZUuIlwVLg7ACkAdvg8Wo7Y0EgBpOepf9KP81rA9a86YZFkIDjW6cwj05Z3ULKqeWNhMAIAAABCUgAAAApoAQcKAXyTN_tnZ1i9IQbnW94rdbSi7Kyc9gVDwVD8xdZX0r6Iyf0fSlNdMFIRjOQO9Sd3gi2vd2lZa7VmVlicZP3KwE0MVzDPtIZpMyJVBJNPz1LDgsqX4CtVWzvUt6F7okFpAILp1PI9-TKNPq6xLGPHakbsfABswFTQgJCJ66nQLP245SL9gaNrYGcK-pcXQsg2aCKpRl6bjPSRDetUqy1xyD3G8bfRCGhpystCouJtTmIuZgx0-9GCdS_gbybA82bp2dfRAV7Bb3LbZiwOYIOHQuO5ZWOS2eXjsEPSRRgaLUDUFh6VC-9AInfUlswRrwMlDIRKvmE9hYPx7TvUlI0e3AYeaINvQPCeSzWXReD7in0ue3n-MB6KX1I6OK_4hp-HY3wOQyOHzntVvciS0zIN4qeP1q9K33IAeRI-eL0mXPW6zjEayEsHg3U8ZYzqgMtDx15mALzgJEUVMebXzInhfqeVOPMSQmLfSsTke5fxcpR4WYwYczpS-uf75G6izZkCCbAnUYqXCLMY0VSsIcyIpwLdL0gqeSXg_QHyvMSW77UmBldgEXsxHnCCDdHDBuZ4YwVri-OUkqHxTNjwUui0OnDKd7Y73o53eyWZJyxziCNYVT6reT2OycfUJaiLPetmGouDMFczKdMKCRO-0nXSezrdE9jiFo3ieLh4iVcxkjxhpEdyKL2FJTWfAD3JISLlbeiXB-0VZfuxgOWNulNdnEcf519zEDec-n28e24HP8342F-HiiZYXgWcEjQhr-d1w_rTMzjzTeOoYP6oXz_S-hnDQAsidEea4gQIqqMOgA9hskF10t5MJDtIPmpeljBt9vsLHhssLvtwKLZarTqzH4QIQqAD9V8EPIsModIGLli-aeMhIOI7dvdItP2iXuSxd_OhS6midyPNObND6k7J-v3WS4B0jzMN5IiDqkz5_sSgvm1-zXf4cbjxW0odgA36bPo-DcmoyMwBSA5RuLxWi6-5iTvZT8vnpAyfjtk53fQp90Lohaj-g7RfFMcjAi0_LbUFDxBUYWyIdZ0nVAOWGeRWtUwiMPzc2A1d--dZfZO5sXut_VPgfBW-nwZFtnvFQbJRe0BVTxK87e8vlCMZ6BsP9BnHRQmVBztWgG5s4qMveDVO2PCq4GAFeLCR9DuvMIs1FU5ht2TMutle2BTbK780_bSPJ1S57mMRHFXtdUe_gLwcSD7920SY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.real.discount/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 418C 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstS16oc6StUSd8fIZNHZm5tk5Cpdl69qSdjb685eGtSPSgnLmsxJKxzUk2j2IwXyMSlmmnPaco1-eteBg0eX3aRuy8zhUee67BqUiS0z_6n1EY1qN8uym3TI5o8Ew&sai=AMfl-YQy3TyMYVIcXvULhlxb5qf8IQlbxOCtv4xwMTeJ_D_TQjXKATj4gd01vG9a6T_9xRifrkyX5mM7gamEfi9XwKnbetQ_1ZYrwfLwcMRbKRyWrkKPlUG-sUP8sSrH&sig=Cg0ArKJSzGLVLeJ5viLREAE&cid=CAASF-RoKXwWR_KhyB0gQ4hJcTy2WXg4bSa1&id=lidar2&mcvt=1002&p=236,1050,516,1674&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20210414&bin=7&avms=nio&bs=0,0&mc=0.88&if=1&app=0&itpl=22&adk=3025925753&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618858465624&dlt=754&rpt=1&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AB63 42 B
64 B 46ms
45ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhZoBpZOKjewUZcT7BjLULrmAR7uIvTZpBNDIbeiHKiTqYDEFoQsG5Sqz9m4o_Rlpgiqto_xkbfrHovfNGKFxJO_7iKjgztX0vSjwqdCdMLpPE_mJn1Q8Vt1dqxQ&sai=AMfl-YT_7ezWVtVvHz6ygEOtRKZKVJ6W8jRwHFYex3ZVEjh6t0UkJ6Fgal5xqKU8mCQnlKps78OBcRR3w9F1IHV92Ty0M9FU_9TQAn4oGI-xB5LSadtQBjwqa7iBv8hk&sig=Cg0ArKJSzASQxcwTMvfPEAE&cid=CAASF-Roecmmn-L1nhYGBgoCNu6KR6AkQNxX&id=lidar2&mcvt=1001&p=950,295,1230,1151&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20210414&bin=7&avms=nio&bs=0,0&mc=0.89&if=1&app=0&itpl=22&adk=2722570078&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618858465615&dlt=769&rpt=2&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 18:54:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 17:41:02	Name: DSID Value: NO_DATA
			.doubleclick.net/	1970-01-20 03:02:34	Name: IDE Value: AHWqTUk8_-SX9C_WVOqW9ybca_-TLLsdZWiHslg-gYrDq8xXNjyJz8M_rh54I2x_fFc

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
analytics.google.com
app.real.discount
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
d.agkn.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
ift.tt
image6.pubmatic.com
img-a.udemycdn.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
rtb.openx.net
ssum-sec.casalemedia.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.real.discount
104.108.145.8
142.250.186.34
142.250.186.98
152.199.21.236
18.196.98.222
185.64.190.78
2001:4de0:ac18::1:a:2b
217.182.200.20
2606:4700::6810:135e
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:801::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2002
2a00:1450:400c:c0c::9b
2a00:1450:400c:c0d::9a
2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3
34.98.67.61
35.227.252.103
35.244.174.68
52.41.116.81
63.33.127.66
67.199.248.13
67.205.1.188
69.173.144.165
032f4660b0edf4dbce54e13952e7ecebb37e64559a48e2c3fe70300102e13981
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09e4063f57598fa47fae52917cb68db2ad8f05ce2bd56f9676f6d6879904b74e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084
1374a7c31e85e2dec3880fcbdc380f93a227d8cd7be3b2526aefb73d68ed4b92
1510f761a8d2c42b27f20c15ecd12c88d24e8b3b0456b5bcb2459699d633c4ee
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
2093251054932a90385e3b24dc9f37c9ef85b369022a834d71ec6dc364aac483
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
30daed421fa4d25de36419f51cf41b0247c476efba33cb11bcb173582ff335fa
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
36f0eaed803112dbc7db74a15cc241a94f0b417b0c725379fc47715edfa44259
394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e
3ec49404c2e842eaeb5786f9dbce5b10272d149994064b326aff12f61e91915c
41a39f4628ed5d28c57ab70026f672800fdcdab9580d3957db13645d0c44d4d2
47d869c90bccd71136b5ec0149ea5e45277f00cb31281bac51d926de08d8856a
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6533050afa2e853568cd4b0b8048ed64e94963e38088b226575a7cca8054f4e2
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3
6f0adc8cb0bf022a1ea34410d5dfded4a8bcda1030174a7ba6fa72392a7510ac
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89a4ade39b2dc6e0cd828fd6e7bdcac9b81921f24de732d9bc51e3c7e12533a8
8e314688d91681882a4fbdfd7a3e439ebf145d5aeb755f949aab679df6752e11
8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b
95cafb5c72abcbea04a038bfc7197eff0f8b5d70304256be7abc6ac600a6ee6d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
bfe4ee85fc4f9857d72e1da24d81f559f6e172cde32d10d8a3b3e1f246db7096
c08555a3cfaea4f49c396c5fb4122e1c1df551d9d73a921375aacaef75264545
c39de25b8bf112a3a1f4676bd2f447876b7e1c2e0f68d7d33d79e589c56ee8e0
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd
ca06d4df16402579167fb416222eed39a86060509e52d4f944310c5be953800c
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
d12cbe4ca4978c19e7be601b110841b98af865d13e9dda430fcaee1885ea95a5
dc1cc85032b4c67c0340b178cd2f16789b6a30837da6089e873549d5891d830f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df83eea23421e923de2de6428ad9157673232e5fda661c21b560350d0d9c0a93
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e63e83fa093c2344bb95bbd92699dc739ffb0e1c8b90f4c22b5ada928724cf
e8dcf6b1dd7caaba7e8bbae254a5c5b9da05b9181f474ce7e181a5a68ce1bc93
e9efd25069e5ec6205a1816c7dca5ef1b28d480657623541a37eec116b4c861f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f54415e29eb70befe2473a69a097e33e3f1e90376016243b2af5173f2c87bd23
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fbd687806427c3acc597388ff83ff0915b17d70d0811899cfd81f87d9a4146de
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

app.real.discount Open in urlscan Pro 67.205.1.188 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

117 Requests

100 %HTTPS

59 %IPv6

27 Domains

35 Subdomains

28 IPs

7 Countries

1186 kBTransfer

3123 kBSize

2 Cookies

9 Outgoing links

Page URL History

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

app.real.discount Open in urlscan Pro
67.205.1.188 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

100 %
HTTPS

59 %
IPv6

27
Domains

35
Subdomains

28
IPs

7
Countries

1186 kB
Transfer

3123 kB
Size

2
Cookies

117 HTTP transactions
4 data transactions