www.calculator.net Open in urlscan Pro
69.10.42.201 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.calculator.net/pace-calculator.html&DVP_PP_BUNDLE_ID=&dvregion=0&unit=300x250
Effective URL:
https://www.calculator.net/pace-calculator.html
Submission: On May 23 via api (May 23rd 2021, 3:22:26 am UTC) from US

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 12 domains to perform 47 HTTP transactions. The main IP is 69.10.42.201, located in United States and belongs to IS-AS-1, US. The main domain is www.calculator.net.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 8th 2020. Valid for: a year.

This is the only time www.calculator.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	69.10.42.201 69.10.42.201	19318 (IS-AS-1) (IS-AS-1)
8	2600:9000:218... 2600:9000:218f:7400:b:6141:e700:21	16509 (AMAZON-02) (AMAZON-02)
3	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f06... 2a03:2880:f06b:e:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
47	19

2 69.10.42.201 (United States) 1 redirects

ASN19318 (IS-AS-1, US)

www.calculator.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:218f:7400:b:6141:e700:21 (United States)

ASN16509 (AMAZON-02, US)

d26tpo4cm8sb6k.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.38 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s2.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f06b:e:face:b00c:0:8c (Oman)

ASN32934 (FACEBOOK, US)

ad.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	googlesyndication.com 27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	76 KB
11	doubleclick.net 3 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	162 KB
8	cloudfront.net d26tpo4cm8sb6k.cloudfront.net	121 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
2	googletagservices.com www.googletagservices.com	64 KB
2	google.com adservice.google.com www.google.com	1 KB
2	google-analytics.com ssl.google-analytics.com	17 KB
2	calculator.net 1 redirects www.calculator.net	8 KB
1	atdmt.com ad.atdmt.com	1 KB
1	2mdn.net s2.2mdn.net	34 KB
1	google.fr adservice.google.fr	799 B
47	12

	Domain	Requested by
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	d26tpo4cm8sb6k.cloudfront.net	www.calculator.net
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net 27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	securepubads.g.doubleclick.net	www.calculator.net securepubads.g.doubleclick.net
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	googleads.g.doubleclick.net	27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com www.calculator.net
2	www.googletagservices.com	securepubads.g.doubleclick.net 27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com
2	27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	ssl.google-analytics.com	www.calculator.net
2	www.calculator.net	1 redirects
1	ad.atdmt.com	27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com
1	s2.2mdn.net	27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.fr	securepubads.g.doubleclick.net
47	18

This site contains no links.

Subject Issuer	Validity	Valid
*.calculator.net Go Daddy Secure Certificate Authority - G2	`2020-09-08` - `2021-10-10`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google.fr GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2021-03-26` - `2021-06-24`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.calculator.net/pace-calculator.html
Frame ID: 2832F74B95742E8AB4F7AF7CD6F8B394
Requests: 22 HTTP requests in this frame

Frame: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 801655DE902C8CB28CD134D1D81DCD38
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCwxpj2ARj05MKoATAB&v=APEucNXV6m1WLQzP6UVy9YPL-W468OzD3fd5sFZDPvZZEVwp5WZDejmyL7BHZpjcccPrCghTr2bNssqnhcfb6tfxqDEZMzehirdrRcV01-tM9U4zncPjFL4Lz3kVMJSkhA-QuWuS6RAlcdxS8VPuTnzdroyp_scHLI69oY9MdhbfO0k6K9TRnMyO2t3iAWhJT71bW5Hcyd6-vKEFoQmNr0ggIa5WgdV-_w
Frame ID: 10F478F04CAFAD1D2C77937CDD90395D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: F4B34475F4994418902C6A35946E07C5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7E1A865DA39DFD2F264178E6B34CEF22
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8B000AD8FD492B39AE64D80EAB7A3EF6
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.calculator.net/pace-calculator.html&DVP_PP_BUNDLE_ID=&dvregion=0&unit=300x250 HTTP 301
https://www.calculator.net/pace-calculator.html Page URL

Detected technologies

Highcharts (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

script /highcharts.*\.js/i

Red Hat (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Red Hat/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

47
Requests

100 %
HTTPS

67 %
IPv6

12
Domains

18
Subdomains

19
IPs

4
Countries

487 kB
Transfer

1212 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.calculator.net/pace-calculator.html&DVP_PP_BUNDLE_ID=&dvregion=0&unit=300x250 HTTP 301
https://www.calculator.net/pace-calculator.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELiNCkrNnS7dZIy5LjQT7lU&google_cver=1

Request Chain 28

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKnKYtXUvDhMvL.vz11h.AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsD8At-PVWddJY5brgTNrM&google_cver=1&google_hm=2

Request Chain 29

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMs8_JbrmuXDa-mIyCgNJmw&google_cver=1

Request Chain 30

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMzNjMxNDg1NjA3NjMyMDM1MA%3D%3D

47 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request pace-calculator.html Show response
www.calculator.net/
Redirect Chain

https://www.calculator.net/pace-calculator.html&DVP_PP_BUNDLE_ID=&dvregion=0&unit=300x250
https://www.calculator.net/pace-calculator.html

31 KB
8 KB

102ms
101ms

Document
text/html

69.10.42.201
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.calculator.net/pace-calculator.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.10.42.201 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips / PHP/7.0.10
Resource Hash: 508049771b628367389a5029956a483db5d6595f548f796de98ef4c218678f90

Request headers

:method: GET
:authority: www.calculator.net
:scheme: https
:path: /pace-calculator.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PHPSESSID=9kbrnk5hhf8616asq5cmbhqhe7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 03:22:09 GMT
server: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips
x-powered-by: PHP/7.0.10
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: User-Agent,Accept,Accept-Encoding
set-cookie: recentVisit[0]=Pace+Calculator%7Cpace-calculator; expires=Tue, 22-Jun-2021 03:22:09 GMT; Max-Age=2592000
content-encoding: gzip
content-length: 7862
content-type: text/html; charset=UTF-8

Redirect headers

date: Sun, 23 May 2021 03:22:09 GMT
server: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips
x-powered-by: PHP/7.0.10
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: User-Agent,Accept
set-cookie: PHPSESSID=9kbrnk5hhf8616asq5cmbhqhe7; path=/
location: /pace-calculator.html
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 common.js Show response
d26tpo4cm8sb6k.cloudfront.net/js/ 21 KB
7 KB 77ms
24ms Script
application/javascript 2600:9000:218f:7400:b:6141:e700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26tpo4cm8sb6k.cloudfront.net/js/common.js
Requested by: Host: www.calculator.net
URL: https://www.calculator.net/pace-calculator.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218f:7400:b:6141:e700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash: 2b6040c248ff174a26a91b9573361e3a90f73e84f48d095091caad864e01f1f8

Request headers

Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 18:30:25 GMT
content-encoding: gzip
last-modified: Sat, 04 Apr 2020 16:20:38 GMT
server: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips
age: 118304
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7ec02501ea6ff545a2bfba827f5412a3.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: CDG52-P2
accept-ranges: bytes
content-length: 6825
x-amz-cf-id: 8tXTm8lkzA2u7aQshF7SUSW6t9fxJPgviF7Os8o0B8OC52Bk0Xj0_w==
expires: Sun, 23 May 2021 18:30:25 GMT

GET
H2 200 style2.css
d26tpo4cm8sb6k.cloudfront.net/ 18 KB
4 KB 75ms
22ms Stylesheet
text/css 2600:9000:218f:7400:b:6141:e700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26tpo4cm8sb6k.cloudfront.net/style2.css
Requested by: Host: www.calculator.net
URL: https://www.calculator.net/pace-calculator.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218f:7400:b:6141:e700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash: c2b0bf8a85a7c4a71e93bcbef9785cb9e18c8f923f80c4b046edf5bc18522704

Request headers

Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 14:51:44 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 18:51:48 GMT
server: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips
age: 131425
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 7ec02501ea6ff545a2bfba827f5412a3.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: CDG52-P2
accept-ranges: bytes
content-length: 4199
x-amz-cf-id: BnW7mv7ZCqtgNJIT2K1s334hXQEgkkPrhm7R5wexRAGx40fR1PUFqQ==
expires: Sun, 23 May 2021 14:51:44 GMT

GET
H2 200 jquery.min.js Show response
d26tpo4cm8sb6k.cloudfront.net/js/ 91 KB
33 KB 113ms
61ms Script
application/javascript 2600:9000:218f:7400:b:6141:e700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26tpo4cm8sb6k.cloudfront.net/js/jquery.min.js
Requested by: Host: www.calculator.net
URL: https://www.calculator.net/pace-calculator.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218f:7400:b:6141:e700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash: f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Request headers

Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 03:22:09 GMT
content-encoding: gzip
last-modified: Thu, 15 Mar 2018 19:10:44 GMT
server: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips
x-amz-cf-pop: CDG52-P2
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7ec02501ea6ff545a2bfba827f5412a3.cloudfront.net (CloudFront)
cache-control: max-age=172800
accept-ranges: bytes
content-length: 33397
x-amz-cf-id: qph1u09GHvyJQQFpgPkTbWVMc_FWvp1zwpKWw4G5-HXgZPKBRYfZgw==
expires: Tue, 25 May 2021 00:12:51 GMT

GET
H2 200 highcharts.js Show response
d26tpo4cm8sb6k.cloudfront.net/highchart/ 138 KB
51 KB 80ms
27ms Script
application/javascript 2600:9000:218f:7400:b:6141:e700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26tpo4cm8sb6k.cloudfront.net/highchart/highcharts.js
Requested by: Host: www.calculator.net
URL: https://www.calculator.net/pace-calculator.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218f:7400:b:6141:e700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash: e2662f6e993c54ecbd8e0e214cf13f5f99785b2252561428c3a588598ec250a7

Request headers

Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 21:48:21 GMT
content-encoding: gzip
last-modified: Thu, 15 Mar 2018 19:11:41 GMT
server: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips
age: 106428
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7ec02501ea6ff545a2bfba827f5412a3.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: CDG52-P2
accept-ranges: bytes
content-length: 52115
x-amz-cf-id: Hfmjl0YjUUKcyGi7elRzW9tHOG7t202cyBMElmJcZqKFEDLqc-jlBA==
expires: Sun, 23 May 2021 21:48:21 GMT

GET
H2 200 calculator-white.svg
d26tpo4cm8sb6k.cloudfront.net/img/svg/ 4 KB
2 KB 22ms
21ms Image
image/svg+xml 2600:9000:218f:7400:b:6141:e700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d26tpo4cm8sb6k.cloudfront.net/img/svg/calculator-white.svg
Requested by: Host: www.calculator.net
URL: https://www.calculator.net/pace-calculator.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218f:7400:b:6141:e700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash: 7e115279cd60609a24219e5e27010386eff6aa445ce6a73a19d256aefd6daa89

Request headers

Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 18:51:50 GMT
content-encoding: gzip
last-modified: Thu, 15 Mar 2018 19:09:06 GMT
server: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips
age: 117019
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 7ec02501ea6ff545a2bfba827f5412a3.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: CDG52-P2
accept-ranges: bytes
content-length: 1759
x-amz-cf-id: lfyhiQvsVaq8uDAt89No70EKi_HfAkNMdUKv1uCYUDRo0XsQOuJ0PA==
expires: Sun, 23 May 2021 18:51:50 GMT

GET
H2 200 calculate.svg
d26tpo4cm8sb6k.cloudfront.net/img/svg/ 2 KB
1 KB 23ms
22ms Image
image/svg+xml 2600:9000:218f:7400:b:6141:e700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d26tpo4cm8sb6k.cloudfront.net/img/svg/calculate.svg
Requested by: Host: www.calculator.net
URL: https://www.calculator.net/pace-calculator.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218f:7400:b:6141:e700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash: d1f69317185bc5ce55a63bc5426fa21feca03f460854624c04589b690832b8d1

Request headers

Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 00:09:24 GMT
content-encoding: gzip
last-modified: Thu, 15 Mar 2018 19:09:05 GMT
server: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips
age: 97965
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 7ec02501ea6ff545a2bfba827f5412a3.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: CDG52-P2
accept-ranges: bytes
content-length: 863
x-amz-cf-id: C5oYURP8HERaZ7zUcuvftGy5JPUKb_IOvl7Td21-WINhbKO5jMU0fg==
expires: Mon, 24 May 2021 00:09:24 GMT

GET
H2 200 clear.svg
d26tpo4cm8sb6k.cloudfront.net/img/svg/ 892 B
934 B 23ms
22ms Image
image/svg+xml 2600:9000:218f:7400:b:6141:e700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d26tpo4cm8sb6k.cloudfront.net/img/svg/clear.svg
Requested by: Host: www.calculator.net
URL: https://www.calculator.net/pace-calculator.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218f:7400:b:6141:e700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash: 27f668e3594f380f3428f8d72bfb46c7876ff7f9858674432fa160379871a8fd

Request headers

Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 00:08:21 GMT
content-encoding: gzip
last-modified: Fri, 21 Dec 2018 19:23:27 GMT
server: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips
age: 98028
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 7ec02501ea6ff545a2bfba827f5412a3.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: CDG52-P2
accept-ranges: bytes
content-length: 523
x-amz-cf-id: XYfe4VK7iyqIIlB7nPfI_8615Yjl-cAdF-pbtiz-qFcQqHzve_vxKQ==
expires: Mon, 24 May 2021 00:08:21 GMT

GET
H2 200 heart-rate-vs-exercise.png
d26tpo4cm8sb6k.cloudfront.net/img/pace/ 21 KB
21 KB 46ms
45ms Image
image/png 2600:9000:218f:7400:b:6141:e700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d26tpo4cm8sb6k.cloudfront.net/img/pace/heart-rate-vs-exercise.png
Requested by: Host: www.calculator.net
URL: https://www.calculator.net/pace-calculator.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218f:7400:b:6141:e700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash: 42db641aa0740fa43543e1e2c1cdbda42d5d28a391a7bd02bfd5218d79a8fcae

Request headers

Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 13:47:24 GMT
via: 1.1 7ec02501ea6ff545a2bfba827f5412a3.cloudfront.net (CloudFront)
last-modified: Fri, 01 Feb 2019 17:06:14 GMT
server: Apache/2.4.27 (Red Hat) OpenSSL/1.0.2k-fips
age: 48885
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=172800
x-amz-cf-pop: CDG52-P2
accept-ranges: bytes
content-length: 21010
x-amz-cf-id: 6PXctA_owcEbUThYROvIWPurUYCTjM1eUtscaY7eZ7Qpu8UNjGFW7w==
expires: Mon, 24 May 2021 13:47:24 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 106ms
38ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.calculator.net
URL: https://www.calculator.net/pace-calculator.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

8ccf7afed88ea02af2bbbb2da60a6920137bd9b5aa88ed4bc0f8466b501b410e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 03:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "880 / 372 of 1000 / last-modified: 1621634946"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21322
x-xss-protection: 0
expires: Sun, 23 May 2021 03:22:10 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.calculator.net
URL: https://www.calculator.net/pace-calculator.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4073
date: Sun, 23 May 2021 02:14:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sun, 23 May 2021 04:14:17 GMT

GET
H3-29 200 pubads_impl_2021051801.js Show response
securepubads.g.doubleclick.net/gpt/ 308 KB
108 KB 47ms
46ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

77e7ad71599b73f06bcaea11c25e128d50c80f6e7fb0cc10f317779fc285d954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 03:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 08:37:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110938
x-xss-protection: 0
expires: Sun, 23 May 2021 03:22:10 GMT

GET
H3-29 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 27ms
13ms Image
image/gif 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2103099636&utmhn=www.calculator.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Pace%20Calculator&utmhid=224018057&utmr=-&utmp=%2Fpace-calculator.html_____Section_2_AE__do&utmht=1621740130092&utmac=UA-3068863-11&utmcc=__utma%3D9212199.1144521204.1621740130.1621740130.1621740130.1%3B%2B__utmz%3D9212199.1621740130.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=175677596&utmredir=1&utmu=qACAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.calculator.net
URL: https://www.calculator.net/pace-calculator.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 03:22:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
799 B 108ms
42ms Script
application/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.calculator.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 23 May 2021 03:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 34ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.calculator.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 23 May 2021 03:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
7 KB 536ms
536ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1633919248090140&correlator=1720366784918008&output=ldjh&impl=fifs&eid=31060783%2C31060854%2C31061143%2C44742767&vrg=2021051801&ptt=17&sc=1&sfv=1-0-38&ecs=20210523&iu_parts=1057446%2CCalculator-Top-Right-Desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&cookie_enabled=1&bc=31&abxe=1&lmt=1621740130&dt=1621740130224&dlt=1621740129852&idt=345&frm=20&biw=1600&bih=1200&oid=3&adxs=1014&adys=76&adks=3640173279&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.calculator.net%2Fpace-calculator.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x290&msz=336x0&ga_vid=1144521204.1621740130&ga_sid=1621740130&ga_hid=224018057&ga_fc=true&fws=4&ohw=1100&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

088bb8fe49a39205ce674be056da831907fbc1fcc6780e7ecc917143f91c69b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 03:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7295
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.calculator.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 70ms
13ms Other
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html Show response
27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8016 6 KB
3 KB 19ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.calculator.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.calculator.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 23 May 2021 03:22:10 GMT
expires: Mon, 23 May 2022 03:22:10 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 38ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4df2fd5c8b3681147087fa7506cef9c982c18edf99729a4412e41af2f98fe0b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 03:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621597303326658"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27994
x-xss-protection: 0
expires: Sun, 23 May 2021 03:22:10 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 39ms
16ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021051801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2eaeeeddcbb2bb25d68d4574b3c48a041b295174645b3b249784c089363354ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 23 May 2021 03:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7675
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 10F4 624 B
592 B 16ms
16ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCwxpj2ARj05MKoATAB&v=APEucNXV6m1WLQzP6UVy9YPL-W468OzD3fd5sFZDPvZZEVwp5WZDejmyL7BHZpjcccPrCghTr2bNssqnhcfb6tfxqDEZMzehirdrRcV01-tM9U4zncPjFL4Lz3kVMJSkhA-QuWuS6RAlcdxS8VPuTnzdroyp_scHLI69oY9MdhbfO0k6K9TRnMyO2t3iAWhJT71bW5Hcyd6-vKEFoQmNr0ggIa5WgdV-_w

Requested by

Host: 27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com
URL: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CMKPFhCwxpj2ARj05MKoATAB&v=APEucNXV6m1WLQzP6UVy9YPL-W468OzD3fd5sFZDPvZZEVwp5WZDejmyL7BHZpjcccPrCghTr2bNssqnhcfb6tfxqDEZMzehirdrRcV01-tM9U4zncPjFL4Lz3kVMJSkhA-QuWuS6RAlcdxS8VPuTnzdroyp_scHLI69oY9MdhbfO0k6K9TRnMyO2t3iAWhJT71bW5Hcyd6-vKEFoQmNr0ggIa5WgdV-_w
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 23 May 2021 03:22:10 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUmxry9pUf0DPeSOFAdyt7k0wgjkBCKRqJEERDaYaGSgnCu6faPwkXsJANyL; expires=Fri, 17-Jun-2022 03:22:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 23 May 2021 03:22:10 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8016 48 KB
23 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bb3aMyCgKPw_Cd4Sw_rNxUpRghxLZCn0Eko9t92InWwvCJHX0GNYt6F1xHBNGkcctF8pkopGtECEp-N-GRVw0MovZVTbCDDn00N_lC72cglGpqBTThAF112KYveUp4V9rf0VlFFehiLg5tHoztNUKaN3abYg&dbm_d=AKAmf-CSFvWWX52gWPIO_AZU5Ru_gCzl_G4jIRoWqGS2gFhXfImeolZ6Pnljf7fDtt5OdYKWRXhOJMYFLhcfqUJgU7ba8cS2cgw6UwigX0_ta7KOAOgirPsUa6aoQfAC1uHwlDCdksnYemzknj8K7k_aX_eELtiRpybBTK45TSVgukukZ2VemQViul6b0ItIkVUs-UZ4s27CwdHbCx_CAAh0Y1RhuA3BehWMBWEUqJQQReyuhnxCD0FOoWxYdhYyNKaN0N38YwZyFfM1LWEB_BhGQv679vSb67ofOezJKifnTni5d_q7PwXbCPunt5NfsrrkWLSeu5Y_ayaGC6vbZKRdBjNTJpHsUk00MqlZu0oxY4ipY2iSc9_pqQpcsy3Fso0mGfGSVxA2dvjMoPzry1l2U39b_VCGwZMg3Me34NHWFBYRrmnn6NUYyRs7uuZYsX7ZTEmptee9pyXQyO-6e96U96pCLWkzPeOqz1j4jJ4VDk_hNqkKGcPKVDjUzAPw-vbDqsBNoxdYoFEsvDI1bMzLHp0VPLWPyhgts8cABPRXGQ3Qp-9fZ9nd4b1nR_Q-9UYWNQO15SAlN49xbNAzblHAkq4nFeyGpcZINCSEbYp3TToWDLmeqtug947OIieAH6Fp7mattZf0gfPLbTASqSp6L1QNj7MBsk06eK1h7a-9bLPi-bNgFQP9VVbtgT2TQBKcjsdMeYDKRYVnEOH63XTSXIXSdYVgO_6kuXp44yUc-vafmhGZhEEZmoqyIW7ol1FOx10oiL2BH64NJ9Hzbzvio9oHHqUlUoAQ2IXtr7-3OB0cG7nrkJFlE2PV-bBcQjinBzrKV359Erz7IfrtFOJDF2_tVx-xjDVukgvkCmpcPOdBafSK8fN7_WlCgDnqAFkllEUIBpLuN7hWv2TEPUuWN0nx6fQ-5vfFjsWYAM4aayzuMs8pctBz8uM6lNiz7mD6XnOjH6Z5kOU0z5p5enL6lRz4zhZGFNNOsDw8KlELgPp9CWeVWZ5uDKO76ZT99yPM_M2b0Pbf2hbfGk4IprZ2eOC4-bSJmhCxueRMyL6auUEqH8ZHFVgtMsF24G4XobAi95gavzNsZ22B75th65D-vhViJOaEOOeviy7IVbP6R4YaCxRJzgR39-oSnBSdnwMFXvYZnmEJbFdyGw8JR00yKGiUNFi4UvE7bDlNZYSd9OGWg6KinKHZ3emdd4u4HFAT_2WsSRY2EkipMCoAFU-uQul19N95OkVd2djP2oi30sS8DuHw8nvqpzM8iob3axvUx9g-cAZcsjcMuamy_YZNKab1fRZbBjCrcajI28gI6XMbOsHuoR6jAOiyM-vjWW6rhgbTRnDb9QTIvL5__Ky6EHfsCPmhxLZvTYG1eqiedNcm_zftVC9WEVRDpsredvYMm5s8De7N0i84L3PiA2o1R-r_ey5u2Rz1uG7TVAr62xEW0Funkl-73Ga4S2NXGVXq6JXYAklW5mMlLOHKvIkf-vIkAzbqoGBqWcLcR-d_3Ips4PDRfU9ZoHm77Ip3BdEk2NYHSqtfhbeYckmKoMFdT6CMwht-LoafJDKjVN8R6LeVe1-dfs5InJ3odEyR5jp03VUFog1V72geEc_uYIKfKGMAOZ0qPW3keLjWCW7Z54iGmyK1Wca88qacPHkhqBm4IDlxvuUfNutI7dK5a_ZxzJ9pu9ZmkD1JkFBfEOupmOembEQ-r4JsM2EjjOxvV96qQxCXCWyI53cyRXxELLz49-YPkKYzikNhrIw-g9kS_62eZfr3aw1v1QwYuN0Gy0eBh2w3VmoUKp6S3JKA1MUDWKkolX0bMOs3eyRjHeqtXZBHNVe0ZmIzPIGlfM94HUVW8qPxo5dyeUIO6DGi-aDtbMheNNrbDpBMHJCejdjpL0ZaaVpAVM72gk-zyNh5BT_l187CnF5h_5Ti2Isba0bWuw74TOnQdy6EnuAAA8Fmn_nbpeDzBdTY7J4b1c8Fr18bT7CEPE8evD3rcl_GtRqT3F5UnxUXzJU8IN0vu-0eFxLR1GskbTY0EEFhFxlUi93JRUYKjCfFyZjtn9yg08ZKPWA8WVUfOTaUMFYBmb5pAvMdr13o03u-b3y28P-0_SA_1rp-7OArzx4d84HWKmAjAektzQ8uME4Cv9_Nqqmfkm-diHuIcHoAcxEyafRopQHw5ncnRaZAH1jG-CpYCPYpROnQpSSLpZ5PgOMA58KFc8-oBb_46Jryuin9GQiKVLMoEoo7kjOdqM9eqZufJn3e4FwqOeey52T_lBBSut5nWGcLJpyr7cksql_bwiqdfaKYIHjvhUURk3LHdnzPrspwxscI4L4ROFYNHa3c0LtwPk5i2xBg7aDvndzY0UayXCCvvjCFFVn4fUQphyuR7bg5uyXOePbBrLpUOqOqPuDJ9xLddYt9YuV_CvM6cUq7WrJd1EGkJJN5Vuu_-J6o_2ylDZVBPYVmYgG2wPsDAz-yE0uXioXjHPQ9UO-dxK3p7rzqaHVobUJthtyJYHS6QmdbdLpScpFjB-1uKlsIydfULjbfePINW4EEEqoaB5oEYSeBQlIt6NHm3piugEdpLTS5wad8R9RW9fL_7Dt6DKE9n8qsBKyDEQ2npV4vXAgLeiopgWIQ183L74It2mn58mGTBmBOM7_TL8SWvL2eF6b75B5UDcvmzy15CXXKkEsxlJHJBxUZKJHnGz6pl6B9sjKbjVDqILD6CsGdWmopPGTyGNvysfMtUbTgymkMaIidAXvfsM6r8CYjtHsf5OpenMAqot_oetxM_tycUvj0UK6hyj2YU9dzn82-Ch25Ua0stkDtoEYvZEwFLcLZ2z1LJOhhRqgexJmcHFyNtPiw8CF8rcx7ZJAZMtNeiFqZBDSlwzbH0hVhoMiUsphMfN4RC-kio8nb4tI9jvwkhMQGLwsOyCgGgRVFUZRY2PrvYQaLmNNrIIueCV1LwhdvdWinzDsK3kkjxvWGRA3Uz4r66h8FsXi9V6zEdlhF7wS3AUnGkeJY-zVVmCYAFGKw2KtQcjIaxpO_mvcOYek35PWLfjcPm-aXBXs79Dog2nqCPiUYJ7msInRD1O6ngW-id2olpBLwxAVKNiAzASdIpgfDT9WDI_b243JvwAdeR86sTRNt0aqm6uaJ4tSym2LFQLx1I970sjzs5JIl9A&cid=CAASPeRo-39nsz1JO8UkgowY9Ads-WsjDGNV93j_j7aAE1tyPIi9BCM_j6YoL2Zq8NMyxdw1h7UhXBsDZSp8Q-k&rfl=1%2Chttps%253A%252F%252Fwww.calculator.net%252F%240

Requested by

Host: www.calculator.net
URL: https://www.calculator.net/pace-calculator.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

803cab46373f3f03cb3c97409f8714de0f38528e8cc9b2875cd5a93c005afc65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 03:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23235
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8016 42 B
498 B 33ms
13ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BhpmMp3zmsCvRdJJDcZ8coHZkrx6T9d0ITgqCLpoGCfQl5-Ufgikkre5UG_jmyvkvQdb9j76QPYeungq4cWCWn5viKiV7rXOsAvuv0DvSIshHOiuM

Requested by

Host: 27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com
URL: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 03:22:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 8016 2 KB
1 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js

Requested by

Host: 27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com
URL: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 03:21:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Jun 2021 03:21:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8016 119 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com
URL: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a4e15e0a382cdbfe1d63cbd77a59ce2f67660b54e926fbebc97fe0b7cebf869

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 03:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621597309435250"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37145
x-xss-protection: 0
expires: Sun, 23 May 2021 03:22:10 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 8016 13 KB
6 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com
URL: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:58:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Jun 2021 02:58:10 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 03:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sun, 23 May 2021 03:22:10 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 10F4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELiNCkrNnS7dZIy5LjQT7lU&google_cver=1

43 B
1014 B

47ms
40ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELiNCkrNnS7dZIy5LjQT7lU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCwxpj2ARj05MKoATAB&v=APEucNXV6m1WLQzP6UVy9YPL-W468OzD3fd5sFZDPvZZEVwp5WZDejmyL7BHZpjcccPrCghTr2bNssqnhcfb6tfxqDEZMzehirdrRcV01-tM9U4zncPjFL4Lz3kVMJSkhA-QuWuS6RAlcdxS8VPuTnzdroyp_scHLI69oY9MdhbfO0k6K9TRnMyO2t3iAWhJT71bW5Hcyd6-vKEFoQmNr0ggIa5WgdV-_w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 May 2021 03:22:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 23 May 2021 03:22:11 GMT

Redirect headers

pragma: no-cache
date: Sun, 23 May 2021 03:22:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELiNCkrNnS7dZIy5LjQT7lU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 10F4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKnKYtXUvDhMvL.vz11h.AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsD8At-PVWddJY5brgTNrM&google_cver=1&google_hm=2

43 B
894 B

40ms
39ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsD8At-PVWddJY5brgTNrM&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCwxpj2ARj05MKoATAB&v=APEucNXV6m1WLQzP6UVy9YPL-W468OzD3fd5sFZDPvZZEVwp5WZDejmyL7BHZpjcccPrCghTr2bNssqnhcfb6tfxqDEZMzehirdrRcV01-tM9U4zncPjFL4Lz3kVMJSkhA-QuWuS6RAlcdxS8VPuTnzdroyp_scHLI69oY9MdhbfO0k6K9TRnMyO2t3iAWhJT71bW5Hcyd6-vKEFoQmNr0ggIa5WgdV-_w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 May 2021 03:22:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 23 May 2021 03:22:11 GMT

Redirect headers

pragma: no-cache
date: Sun, 23 May 2021 03:22:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsD8At-PVWddJY5brgTNrM&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 10F4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMs8_JbrmuXDa-mIyCgNJmw&google_cver=1

43 B
1022 B

39ms
32ms

Image
image/gif

37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMs8_JbrmuXDa-mIyCgNJmw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCwxpj2ARj05MKoATAB&v=APEucNXV6m1WLQzP6UVy9YPL-W468OzD3fd5sFZDPvZZEVwp5WZDejmyL7BHZpjcccPrCghTr2bNssqnhcfb6tfxqDEZMzehirdrRcV01-tM9U4zncPjFL4Lz3kVMJSkhA-QuWuS6RAlcdxS8VPuTnzdroyp_scHLI69oY9MdhbfO0k6K9TRnMyO2t3iAWhJT71bW5Hcyd6-vKEFoQmNr0ggIa5WgdV-_w

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 May 2021 03:22:11 GMT
X-Proxy-Origin: 185.128.25.52; 185.128.25.52; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.54:80
AN-X-Request-Uuid: ee06ca68-83cc-47ac-975d-b72fb9487c26
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 23 May 2021 03:22:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMs8_JbrmuXDa-mIyCgNJmw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 10F4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMzNjMxNDg1NjA3NjMyMDM1MA%3D%3D

170 B
188 B

52ms
47ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMzNjMxNDg1NjA3NjMyMDM1MA%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 03:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 23 May 2021 03:22:10 GMT
X-Proxy-Origin: 185.128.25.52; 185.128.25.52; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.23:80
AN-X-Request-Uuid: 5d034239-cda7-4b23-adea-475af0ab1196
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMzNjMxNDg1NjA3NjMyMDM1MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame F4B3 12 KB
5 KB 12ms
12ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.calculator.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.calculator.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 22 May 2021 21:48:47 GMT
expires: Sun, 22 May 2022 21:48:47 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 20003
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7E1A 783 B
768 B 16ms
15ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1ce4f82b78bbff6ae6735615d4fd5bd4e1d6b925e070c4deb673f55bdbe3224d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kDaSBulns8HA5N14k3nr7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.calculator.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.calculator.net/

Response headers

expires: Sun, 23 May 2021 03:22:10 GMT
date: Sun, 23 May 2021 03:22:10 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-kDaSBulns8HA5N14k3nr7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 8016 22 KB
8 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bb3aMyCgKPw_Cd4Sw_rNxUpRghxLZCn0Eko9t92InWwvCJHX0GNYt6F1xHBNGkcctF8pkopGtECEp-N-GRVw0MovZVTbCDDn00N_lC72cglGpqBTThAF112KYveUp4V9rf0VlFFehiLg5tHoztNUKaN3abYg&dbm_d=AKAmf-CSFvWWX52gWPIO_AZU5Ru_gCzl_G4jIRoWqGS2gFhXfImeolZ6Pnljf7fDtt5OdYKWRXhOJMYFLhcfqUJgU7ba8cS2cgw6UwigX0_ta7KOAOgirPsUa6aoQfAC1uHwlDCdksnYemzknj8K7k_aX_eELtiRpybBTK45TSVgukukZ2VemQViul6b0ItIkVUs-UZ4s27CwdHbCx_CAAh0Y1RhuA3BehWMBWEUqJQQReyuhnxCD0FOoWxYdhYyNKaN0N38YwZyFfM1LWEB_BhGQv679vSb67ofOezJKifnTni5d_q7PwXbCPunt5NfsrrkWLSeu5Y_ayaGC6vbZKRdBjNTJpHsUk00MqlZu0oxY4ipY2iSc9_pqQpcsy3Fso0mGfGSVxA2dvjMoPzry1l2U39b_VCGwZMg3Me34NHWFBYRrmnn6NUYyRs7uuZYsX7ZTEmptee9pyXQyO-6e96U96pCLWkzPeOqz1j4jJ4VDk_hNqkKGcPKVDjUzAPw-vbDqsBNoxdYoFEsvDI1bMzLHp0VPLWPyhgts8cABPRXGQ3Qp-9fZ9nd4b1nR_Q-9UYWNQO15SAlN49xbNAzblHAkq4nFeyGpcZINCSEbYp3TToWDLmeqtug947OIieAH6Fp7mattZf0gfPLbTASqSp6L1QNj7MBsk06eK1h7a-9bLPi-bNgFQP9VVbtgT2TQBKcjsdMeYDKRYVnEOH63XTSXIXSdYVgO_6kuXp44yUc-vafmhGZhEEZmoqyIW7ol1FOx10oiL2BH64NJ9Hzbzvio9oHHqUlUoAQ2IXtr7-3OB0cG7nrkJFlE2PV-bBcQjinBzrKV359Erz7IfrtFOJDF2_tVx-xjDVukgvkCmpcPOdBafSK8fN7_WlCgDnqAFkllEUIBpLuN7hWv2TEPUuWN0nx6fQ-5vfFjsWYAM4aayzuMs8pctBz8uM6lNiz7mD6XnOjH6Z5kOU0z5p5enL6lRz4zhZGFNNOsDw8KlELgPp9CWeVWZ5uDKO76ZT99yPM_M2b0Pbf2hbfGk4IprZ2eOC4-bSJmhCxueRMyL6auUEqH8ZHFVgtMsF24G4XobAi95gavzNsZ22B75th65D-vhViJOaEOOeviy7IVbP6R4YaCxRJzgR39-oSnBSdnwMFXvYZnmEJbFdyGw8JR00yKGiUNFi4UvE7bDlNZYSd9OGWg6KinKHZ3emdd4u4HFAT_2WsSRY2EkipMCoAFU-uQul19N95OkVd2djP2oi30sS8DuHw8nvqpzM8iob3axvUx9g-cAZcsjcMuamy_YZNKab1fRZbBjCrcajI28gI6XMbOsHuoR6jAOiyM-vjWW6rhgbTRnDb9QTIvL5__Ky6EHfsCPmhxLZvTYG1eqiedNcm_zftVC9WEVRDpsredvYMm5s8De7N0i84L3PiA2o1R-r_ey5u2Rz1uG7TVAr62xEW0Funkl-73Ga4S2NXGVXq6JXYAklW5mMlLOHKvIkf-vIkAzbqoGBqWcLcR-d_3Ips4PDRfU9ZoHm77Ip3BdEk2NYHSqtfhbeYckmKoMFdT6CMwht-LoafJDKjVN8R6LeVe1-dfs5InJ3odEyR5jp03VUFog1V72geEc_uYIKfKGMAOZ0qPW3keLjWCW7Z54iGmyK1Wca88qacPHkhqBm4IDlxvuUfNutI7dK5a_ZxzJ9pu9ZmkD1JkFBfEOupmOembEQ-r4JsM2EjjOxvV96qQxCXCWyI53cyRXxELLz49-YPkKYzikNhrIw-g9kS_62eZfr3aw1v1QwYuN0Gy0eBh2w3VmoUKp6S3JKA1MUDWKkolX0bMOs3eyRjHeqtXZBHNVe0ZmIzPIGlfM94HUVW8qPxo5dyeUIO6DGi-aDtbMheNNrbDpBMHJCejdjpL0ZaaVpAVM72gk-zyNh5BT_l187CnF5h_5Ti2Isba0bWuw74TOnQdy6EnuAAA8Fmn_nbpeDzBdTY7J4b1c8Fr18bT7CEPE8evD3rcl_GtRqT3F5UnxUXzJU8IN0vu-0eFxLR1GskbTY0EEFhFxlUi93JRUYKjCfFyZjtn9yg08ZKPWA8WVUfOTaUMFYBmb5pAvMdr13o03u-b3y28P-0_SA_1rp-7OArzx4d84HWKmAjAektzQ8uME4Cv9_Nqqmfkm-diHuIcHoAcxEyafRopQHw5ncnRaZAH1jG-CpYCPYpROnQpSSLpZ5PgOMA58KFc8-oBb_46Jryuin9GQiKVLMoEoo7kjOdqM9eqZufJn3e4FwqOeey52T_lBBSut5nWGcLJpyr7cksql_bwiqdfaKYIHjvhUURk3LHdnzPrspwxscI4L4ROFYNHa3c0LtwPk5i2xBg7aDvndzY0UayXCCvvjCFFVn4fUQphyuR7bg5uyXOePbBrLpUOqOqPuDJ9xLddYt9YuV_CvM6cUq7WrJd1EGkJJN5Vuu_-J6o_2ylDZVBPYVmYgG2wPsDAz-yE0uXioXjHPQ9UO-dxK3p7rzqaHVobUJthtyJYHS6QmdbdLpScpFjB-1uKlsIydfULjbfePINW4EEEqoaB5oEYSeBQlIt6NHm3piugEdpLTS5wad8R9RW9fL_7Dt6DKE9n8qsBKyDEQ2npV4vXAgLeiopgWIQ183L74It2mn58mGTBmBOM7_TL8SWvL2eF6b75B5UDcvmzy15CXXKkEsxlJHJBxUZKJHnGz6pl6B9sjKbjVDqILD6CsGdWmopPGTyGNvysfMtUbTgymkMaIidAXvfsM6r8CYjtHsf5OpenMAqot_oetxM_tycUvj0UK6hyj2YU9dzn82-Ch25Ua0stkDtoEYvZEwFLcLZ2z1LJOhhRqgexJmcHFyNtPiw8CF8rcx7ZJAZMtNeiFqZBDSlwzbH0hVhoMiUsphMfN4RC-kio8nb4tI9jvwkhMQGLwsOyCgGgRVFUZRY2PrvYQaLmNNrIIueCV1LwhdvdWinzDsK3kkjxvWGRA3Uz4r66h8FsXi9V6zEdlhF7wS3AUnGkeJY-zVVmCYAFGKw2KtQcjIaxpO_mvcOYek35PWLfjcPm-aXBXs79Dog2nqCPiUYJ7msInRD1O6ngW-id2olpBLwxAVKNiAzASdIpgfDT9WDI_b243JvwAdeR86sTRNt0aqm6uaJ4tSym2LFQLx1I970sjzs5JIl9A&cid=CAASPeRo-39nsz1JO8UkgowY9Ads-WsjDGNV93j_j7aAE1tyPIi9BCM_j6YoL2Zq8NMyxdw1h7UhXBsDZSp8Q-k&rfl=1%2Chttps%253A%252F%252Fwww.calculator.net%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4c0938e087a40c05a99d723eaf012958e03b048659bed9b36a2bc63f766d32b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 03:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 387
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8593
x-xss-protection: 0
server: cafe
etag: 3013172215444160546
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Jun 2021 03:15:43 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame 8016 8 KB
3 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 01:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Jun 2021 01:42:56 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8016 0
575 B 114ms
45ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvwDGVZH0v58P58fRwuVhi2vFoC0eUIEByMMoD-xoDtm-bx2xTL3ZQG7PAskrdiIcfl1nRQXo2fTz3Zjczxj82zsZ4FPa-whSnjvjjGhAkR2wRfMyLvozEkK-iZic1khkcyt_6OGYGgNtCfl6KPt7VdQMmDcHJpftbXhRPGdDpgosyy5fh7cFqR5LElsDd7_Bz1VtcJk1VfL-se22jVF1exKbr3SSIYj0WK2brJr_FiIi-heXd4F4Xs18rDwiLSz_Oh2DQLcoUcK0OtBeDeIBLACsPVUBm5KyPi5r9LO17-4vk9xQ6nHHVlF4fUJGYhxxJ0kXcVCAjeekOaiFcvN4FQiqXHwYoaUdsAbcy1QaTWxhONqQABsbAijUEbIe--ft7gkQkMlh_0IDUeH4_T39XWNnZ3T8QFX7mjOMJiDWEf285MPONx6gaD_OPNn0D_t7BeDKjv3rVHmGHCh5zhhOfY-zT6NxhwWj4e7CNoBDhBWAYLml_X67k2ZZIxo7CIfrGxwQzrEmPvVUtaZKhy9PhyWXaZvzQfQUqKIqvqCt865lb6CujPt7nb8dx07HebYtjFsfu_iidgpmcKGKvgKH2_Tdb5JMaFwbYMB7EF4CKKw6KQxqMULb_T_gE17JE7ZrqJhhQb8I0-v46Zbd2o3e5zsbJPIvbTXct-1J0QgVxzLUnRrwwJclqmplhDezItwhMc3azTlHdDsERJIxOediRnAy5dWpjYWuYWjT1NwCpi-sAB6dybb-kSeJMGMO5DZ5VEoQWJVTdtps1AgnExhxNrysZ8daO62XlpyhBeL8wZ16DinU3zddHAe_QyLLICo2z15KAFGqjcAOHRld5ZXnb5WjB7SEnHEDYP2QwnXNUu5OdEzo1tEZt2Fvpi-lBoF0cS8-jd7uFh2kEuEI1iMmFhnWPKnKJvYPQpnLULParb8CkuwIIO6YOfQAbK4m1FQzBmleTUhhmyIgQ27Zrxt6KX_0CswNKCQGERdt15vgFE7gitYCvtDBPcoccdAfGqqQwHxexg6sFAGw1kQIXZCfhnycXMOArTFaMCweu8MI6r401sa29qABADdz7oJa-4IDymknEvVx-uC_9aftcHZclZ4FYUG_VHD9l4840dck-4WA529BBORSVaPGgnj-pZc2l4NFYo7HpPK90MoJpBBUvxfkZs1MsQ_E_yXi7TYGhLgBDVK8ms1Ej9LhcbSEhUbsyeswpMt0nk_09a_lvFLFMx_BZ1H7Kh6TJSg9ll-89azSGRih6c5g&sai=AMfl-YR6AlIOStKOgaJxGi7q-JVMwqC3xP0ZFB_Zc6Fe0RBc5e3iCUtcRu7TA2kmjVx7XctT3T29x7iOM0Jzr3e9764qSwN6gnPjSzPuCvGoGrO_m0vuO9ICruGRRa-Jht4yXseSIZjvsvR32k2Io0RjAYPKM2H7bDpajb_1PN_SH-RMYkPBqVzKEDzXQVR-HDwpJGWH8IgZTemzuqu_KkYXXBjpTRt9Jth9VshLPQNshw&sig=Cg0ArKJSzH_0eEFJoxo-EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210517.81628&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 23 May 2021 03:22:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8016 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 16:56:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37529
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 May 2022 16:56:41 GMT

GET
H2 200 nH6jqUDj_24qHfZdRtLF3GxrtSUt1MyALduNqCyaNQel85NcVTxizwsB0vuSg4Ako0RE708T2QPFNk533-qxFKhjlZvShtsPwTXWbUc6G-aiM6m4=w300-h250-n
s2.2mdn.net/proxy/ Frame 8016 34 KB
34 KB 33ms
6ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s2.2mdn.net/proxy/nH6jqUDj_24qHfZdRtLF3GxrtSUt1MyALduNqCyaNQel85NcVTxizwsB0vuSg4Ako0RE708T2QPFNk533-qxFKhjlZvShtsPwTXWbUc6G-aiM6m4=w300-h250-n

Requested by

Host: 27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com
URL: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9c38492649fe751664905cb63b9847c7074121bda73c118041e44eb6a49cb31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 23:52:08 GMT
x-content-type-options: nosniff
server: fife
age: 12602
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34875
x-xss-protection: 0
expires: Sun, 23 May 2021 23:52:08 GMT

GET
H2 200 t.js;adv=11242243065021;ec=11242244995237;adv.a=10140946;c.a=25746533;s.a=6174527;p.a=303060755;a.a=495784085;cache=2295978052;
ad.atdmt.com/i/ Frame 8016 0
1 KB 1126ms
763ms Image
text/javascript 2a03:2880:f06b:e:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.atdmt.com/i/t.js;adv=11242243065021;ec=11242244995237;adv.a=10140946;c.a=25746533;s.a=6174527;p.a=303060755;a.a=495784085;cache=2295978052;

Requested by

Host: 27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com
URL: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f06b:e:face:b00c:0:8c , Oman, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: 83HeKEVFwlQCIposz09d/tSSG8X6KyboPQzpXwV0sg7akyq/P9iCMtg8fo0Gr8/+D5fHbsbQiQVibGBpqPMH+Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-content-type-options: nosniff
date: Sun, 23 May 2021 03:22:11 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/javascript;charset=utf-8
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-length: 0
x-fb-rlafr: 0
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js Show response
pagead2.googlesyndication.com/bg/ Frame F4B3 14 KB
6 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1e591b3dbf6a3062e13ac83cbcf2eb65821ef63b5c838241e60596fbfe11e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 12:53:44 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 52106
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5773
x-xss-protection: 0
expires: Sun, 22 May 2022 12:53:44 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8B00 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 22 May 2021 16:56:52 GMT
expires: Sun, 22 May 2022 16:56:52 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 37518
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8016 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fe5296017ca6811a625e0e7378818b92369d0dd57f42068b01dd31f780cd468

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8016 0
23 B 78ms
40ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 23 May 2021 03:22:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B00 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1e591b3dbf6a3062e13ac83cbcf2eb65821ef63b5c838241e60596fbfe11e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 12:53:44 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 52107
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5773
x-xss-protection: 0
expires: Sun, 22 May 2022 12:53:44 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021051801&jk=1633919248090140&bg=!PT6lPnrNAAZ7hX_Ue4U7ACkAdvg8Wkc8D24NFHtCoNp2YqrtFj_kRRJP1iYm4GHmOYmz7F80Wl8hHQIAAACmUgAAAB9oAQcKAE2F-gBD-EfCBRyueCr38fQIpUR0z4886ZfDAHWdWrnwcIM5KMfOssYZlDiiZ2Lc6HlUhoV21YSyJn9gljja4ECkb3AmU5SO9TLNhCA0X5kCQVOnhx4fR3QFIaf9j0UnVipzUN4gnYFt8veZTzr52SXlopohvT1b7iQwUR6tzGsA0jAOORYfdHlZC8JJfULhqIbvyeOhGL6L2PAcwispPHFLjXUnc2bH6RLOZr_FXdOatGlZMNn4n4SNNRaKiIhye2GN8Aod1WSrN76hd7Y6-RyP4nCOOds9Au6H1sFnGThig4TQZIxACYd-aT7XRDaTCjCinX-C7SEnceXUtyaKZLAAswvd8bQPXrOwTmh6Vx7H1c5Yy-_9INWplx81D3-3AC5ALfPDK0prLncl4BEH89pGLkldYHbF7XoDjvwB9v_V-YGQ-x8uQiF2gRbEUTiVKUYBB74DUi6X6_jHMETFLVrQtllaMcaADCK6QvxeLGDDm1iXoGu8MjzGR2xHsQ9MMI3gLMN66CifMh7BM9EOvJa6xTwF9GO70aKjz6g5roLyWdFRnT-l2SJvmYGQV7rzFZ3XEbrqqcZnBxacV901A9Y-JVo4zTqY6aGwvXoepNgcY82YOBwqDcyO9RbkPCLT6pfm3Ls4Q1ETl2_7BdSw16NDhCCU5GpVQydgY9rzGx3EqUutoiv6L_ZA7wTAtMlLeYfV665sTA6ehYXWJY0KMBEYQ8rgMwDNv9Resg4Hwa5YeX1IHLe-sx1Hr1C83bp8vkDrJnziiM8gBBNcz4xrVj6asjeBohD7kpWc9PcDeOAt1S7acHe7oPnK9g7cDRFafJVUtpHePfgsuuNdWtg4vZaryV_22MupfJS2VBFtY2enDHc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calculator.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 03:22:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B00 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIGD9YsqpYJGpNJaPrATnhaPYBwAAAAA4AeAEAg&bg=!BwSlBEDNAAZ7hX_Ue4U7ACkAdvg8WqVVtS358uEqgyxe_Mevqgh3b_ODnUjtqCaQ0-rXeJGFrnWcpwIAAACJUgAAAApoAQcKAO91iGOvjEOCjXGOOgowtRczs7adjryGeEIpdFY-xAJRXdq-syX5nKZfjb7cKrr90dGs7gEy6SiIkiMDgesfnFZ_q5YoO6W_6c7ulez17bC8BPO2inZjoorpSK4bicaABa6dDUrcocBWggOb54cr-cHS_cxlkmuN9Hr6izdJmzJ3Yj6ZHPKxXyKluGa5futSrDcXopCdtt7slsPgxh54W9_voUcKMSaBRKxlPug6mllgN-LHFe9rMHVrORyARmqlcrTD1diC9j9VCTu5uVMwdiESub0a1u47F4tzN0rjpLKnzxXMS1g8MTcIwgOVw4PAJpkCi9YtIhTvH-XbAgdaYjkksfA7HnygMdSQWRVhQ7qT9faiH4_oOZ4bVXVq8smAHL-itX2ASvatuzKiRcV3hABhYTY7kwMsgnVdjHd4xxtxPptJcDGXiOle1-E9ctIcpOjv4aHOhlFpBxbvvS4mXkddeeQ5W5GHKjd2a1-g1yq_W4mPJ07y6NJSHK0OeGz2FIb6lsLVebkc6ySlNyCAgHaPvApeAlQnH01-3YRDn1Ke1ufAWSViCeaCiodTdy6VabeIXpUVWUlOLm4Gf-pGR2mdvdfpmPHZWMb8lXmu5gjwcXlCmkYI7APCOWzSf2TPq7atzjMHUtWTtK5eH0XQsqLivOor5oL9dkq-fLqBvAtZRbgerpWPI0LNUuHxb_zu5Kaebhai_eT5rL1LBSsLKaf-EqeMRaXSiYrorwClXk-1Tj1bT3shQpK-BRinOW4Nn9bK3SPt1Af5UDu3dfiJ2tT57U2v3ATSPFL6Q75qdskjKkju-Ff6IPK-U1dHhAalMW5uOu3bMnAigpeKPNbbkLIWQqgaSFnO--W40W1EmnVRwWnS5KAyvRgwSjV0CyQ425Jab-nTQxnCTX8hIIrmnpUzWaeQrJ7CHiboIV5GsarL3Bc9Wx88XBrMydT6qSdiX74G_Zw3xDjZ_ZdMMHX5FIolKu1pPRXEa5ZrIEDqn0hVeSb0zVdIscAMjHgr2R7Iopgixplre0Z8wJjeUz_D24QQQci_d62iLgv87r1MNK5Rv9iTdvG9fUOHFqzCFhIA5s3tTh9zNsBUZiBduc3MxYauwd2YLya4nXsLN3u8Iu88KNVIXrEKDEgRRNEMKAwxlRcl6mb8eZwpTOPdKBrHbJJfmm0AT1yYYVmhFsXjbQ

Requested by

Host: 27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com
URL: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 03:22:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8016 42 B
64 B 30ms
16ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswitJIGRulUyP1hwwTgURVV-uZrNONAOukXyvR1q2S9hRUL9JF1DrEiyUw9TJ5q1J6FlcWo0RpYNAu4mRoFCIWX463QS5UhXzQo-FpmPuqrkHlRJ4UZx2vy7INSQ&sai=AMfl-YSxqtJgg6INbAf1fEV4UY4UKkyi_Pi4mVIZb9cU1CL3yh6BFCRhQjNLZda8gLX-PbdYAmpeTp0fFuO2s6_0JuRt6o_BJQ-c8xeqe77KJ0hhDXrVzC7h6XjL0FZuw-Y&sig=Cg0ArKJSzOUVLk7EGwYiEAE&cid=CAASPeRo-39nsz1JO8UkgowY9Ads-WsjDGNV93j_j7aAE1tyPIi9BCM_j6YoL2Zq8NMyxdw1h7UhXBsDZSp8Q-k&id=lidar2&mcvt=1001&p=76,1032,330,1332&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20210521&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3640173279&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 03:22:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.calculator.net/	1970-01-19 18:29:00	Name: __utmt Value: 1
.calculator.net/	1970-01-19 18:29:01	Name: __utmb Value: 9212199.1.10.1621740130
.calculator.net/	1970-01-19 22:51:48	Name: __utmz Value: 9212199.1621740130.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.calculator.net/	1969-12-31 23:59:59	Name: __utmc Value: 9212199
.calculator.net/	1970-01-20 12:00:12	Name: __utma Value: 9212199.1144521204.1621740130.1621740130.1621740130.1
www.calculator.net/	1970-01-19 19:12:12	Name: recentVisit[0] Value: Pace+Calculator%7Cpace-calculator
www.calculator.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9kbrnk5hhf8616asq5cmbhqhe7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

27b36cbe56abfbc8a5d8f0f4c1eb1db7.safeframe.googlesyndication.com
ad.atdmt.com
adservice.google.com
adservice.google.fr
cm.g.doubleclick.net
d26tpo4cm8sb6k.cloudfront.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
s2.2mdn.net
securepubads.g.doubleclick.net
ssl.google-analytics.com
tpc.googlesyndication.com
www.calculator.net
www.google.com
www.googletagservices.com
142.250.185.162
142.250.185.66
172.217.23.98
2.18.234.21
2600:9000:218f:7400:b:6141:e700:21
2a00:1450:4001:802::2002
2a00:1450:4001:802::2004
2a00:1450:4001:803::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2006
2a00:1450:4001:810::2008
2a00:1450:4001:827::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:400d:808::2002
2a03:2880:f06b:e:face:b00c:0:8c
37.252.172.38
69.10.42.201
088bb8fe49a39205ce674be056da831907fbc1fcc6780e7ecc917143f91c69b5
0a4e15e0a382cdbfe1d63cbd77a59ce2f67660b54e926fbebc97fe0b7cebf869
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1ce4f82b78bbff6ae6735615d4fd5bd4e1d6b925e070c4deb673f55bdbe3224d
27f668e3594f380f3428f8d72bfb46c7876ff7f9858674432fa160379871a8fd
2b6040c248ff174a26a91b9573361e3a90f73e84f48d095091caad864e01f1f8
2eaeeeddcbb2bb25d68d4574b3c48a041b295174645b3b249784c089363354ad
42db641aa0740fa43543e1e2c1cdbda42d5d28a391a7bd02bfd5218d79a8fcae
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4df2fd5c8b3681147087fa7506cef9c982c18edf99729a4412e41af2f98fe0b3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
508049771b628367389a5029956a483db5d6595f548f796de98ef4c218678f90
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
77e7ad71599b73f06bcaea11c25e128d50c80f6e7fb0cc10f317779fc285d954
7e115279cd60609a24219e5e27010386eff6aa445ce6a73a19d256aefd6daa89
803cab46373f3f03cb3c97409f8714de0f38528e8cc9b2875cd5a93c005afc65
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ccf7afed88ea02af2bbbb2da60a6920137bd9b5aa88ed4bc0f8466b501b410e
8fe5296017ca6811a625e0e7378818b92369d0dd57f42068b01dd31f780cd468
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9c38492649fe751664905cb63b9847c7074121bda73c118041e44eb6a49cb31e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c0938e087a40c05a99d723eaf012958e03b048659bed9b36a2bc63f766d32b
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c2b0bf8a85a7c4a71e93bcbef9785cb9e18c8f923f80c4b046edf5bc18522704
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
d1e591b3dbf6a3062e13ac83cbcf2eb65821ef63b5c838241e60596fbfe11e32
d1f69317185bc5ce55a63bc5426fa21feca03f460854624c04589b690832b8d1
e2662f6e993c54ecbd8e0e214cf13f5f99785b2252561428c3a588598ec250a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

www.calculator.net Open in urlscan Pro 69.10.42.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

100 %HTTPS

67 %IPv6

12 Domains

18 Subdomains

19 IPs

4 Countries

487 kBTransfer

1212 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.calculator.net Open in urlscan Pro
69.10.42.201 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

100 %
HTTPS

67 %
IPv6

12
Domains

18
Subdomains

19
IPs

4
Countries

487 kB
Transfer

1212 kB
Size

7
Cookies

47 HTTP transactions
1 data transactions