www.bouncycastle.org Open in urlscan Pro
203.32.61.103 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.bouncycastle.org/
Effective URL:
https://www.bouncycastle.org/
Submission: On April 20 via api (April 20th 2021, 8:49:00 am UTC) from IL

Summary HTTP 83 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 18 domains to perform 83 HTTP transactions. The main IP is 203.32.61.103, located in Australia and belongs to INTERVOLVE-MELBOURNE-AS-AP Intervolve Pty Ltd, AU. The main domain is www.bouncycastle.org.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 21st 2019. Valid for: 2 years.

This is the only time www.bouncycastle.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	203.32.61.103 203.32.61.103	45577 (INTERVOLV...) (INTERVOLVE-MELBOURNE-AS-AP Intervolve Pty Ltd)
11	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
13	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
3 3	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	63.33.127.66 63.33.127.66	16509 (AMAZON-02) (AMAZON-02)
1 1	18.195.77.77 18.195.77.77	16509 (AMAZON-02) (AMAZON-02)
83	17

8 203.32.61.103 (Australia) 1 redirects

ASN45577 (INTERVOLVE-MELBOURNE-AS-AP Intervolve Pty Ltd, AU)

www.bouncycastle.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.253.211 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.218.208.246 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.127.66 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-127-66.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.77.77 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-77-77.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	239 KB
21	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	81 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	135 KB
8	bouncycastle.org 1 redirects www.bouncycastle.org	29 KB
4	googletagservices.com www.googletagservices.com	136 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com	3 KB
3	pubmatic.com 3 redirects image6.pubmatic.com	2 KB
3	openx.net 3 redirects rtb.openx.net	995 B
3	googleapis.com fonts.googleapis.com	2 KB
3	google.com adservice.google.com www.google.com	675 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com	919 B
2	rlcdn.com 2 redirects id.rlcdn.com	890 B
2	quantserve.com cms.quantserve.com	675 B
2	google.de adservice.google.de	921 B
1	agkn.com 1 redirects d.agkn.com	765 B
1	everesttech.net 1 redirects pixel.everesttech.net	376 B
1	mookie1.com odr.mookie1.com	324 B
1	googleadservices.com partner.googleadservices.com	645 B
83	18

	Domain	Requested by
19	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	cm.g.doubleclick.net	www.bouncycastle.org googleads.g.doubleclick.net
11	pagead2.googlesyndication.com	www.bouncycastle.org pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	www.bouncycastle.org	1 redirects www.bouncycastle.org
6	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	ssum-sec.casalemedia.com	3 redirects
3	image6.pubmatic.com	3 redirects
3	rtb.openx.net	3 redirects
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	pixel.rubiconproject.com	2 redirects
2	id.rlcdn.com	2 redirects
2	cms.quantserve.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	d.agkn.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	www.google.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
83	22

This site contains links to these domains. Also see Links.

Domain
www.cryptoworkshop.com
www.primekey.com
twitter.com
www.facebook.com
polydistortion.net
www.tauceti.org.au
www.geoffhook.com
www.prozacblues.com
www.java.com
www.microsoft.com

Subject Issuer	Validity	Valid
www.bouncycastle.org Go Daddy Secure Certificate Authority - G2	`2019-09-21` - `2021-11-21`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.bouncycastle.org/
Frame ID: BEF8D52B50E30A27E972F805CD43989F
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210415/r20190131/zrt_lookup.html
Frame ID: 06F9A600073B456D2E6B29E6136F84F2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3929421303013343&output=html&h=280&slotname=5658880125&adk=3219384348&adf=920885222&pi=t.ma~as.5658880125&w=1199&fwrn=4&fwrnh=100&lmt=1618481953&rafmt=1&psa=0&format=1199x280&url=https%3A%2F%2Fwww.bouncycastle.org%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618908523903&bpp=19&bdt=271&idt=65&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2717994295927&frm=20&pv=2&ga_vid=913310852.1618908524&ga_sid=1618908524&ga_hid=733464264&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=68&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736524%2C44740079%2C31060048&oid=3&pvsid=2552683041634424&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=z1N0fR3kzo&p=https%3A//www.bouncycastle.org&dtd=83
Frame ID: 8F57FAD04B9838BCCC08B0A57390528C
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3929421303013343&output=html&adk=1812271804&adf=3025194257&lmt=1618481953&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.bouncycastle.org%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618908523922&bpp=4&bdt=291&idt=74&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1199x280&nras=1&correlator=2717994295927&frm=20&pv=1&ga_vid=913310852.1618908524&ga_sid=1618908524&ga_hid=733464264&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736524%2C44740079%2C31060048&oid=3&pvsid=2552683041634424&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=79
Frame ID: 6ADB3567EB34B85A5FB141BA7F40D89C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3929421303013343&output=html&h=280&adk=4175846939&adf=3603122201&pi=t.aa~a.920193721~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1618481953&rafmt=1&to=qs&pwprc=8721800611&psa=0&format=1200x280&url=https%3A%2F%2Fwww.bouncycastle.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618908524080&bpp=1&bdt=448&idt=-M&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9e6eb3d31bff4881-22328c909ba7003e%3AT%3D1618908524%3ART%3D1618908524%3AS%3DALNI_MYZN_QC6BG2t1Btya89vqeEvTeyrA&prev_fmts=1199x280%2C0x0&nras=2&correlator=2717994295927&frm=20&pv=1&ga_vid=913310852.1618908524&ga_sid=1618908524&ga_hid=733464264&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=90&ady=1267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736524%2C44740079%2C31060048&oid=3&pvsid=2552683041634424&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JzBz0koLyX&p=https%3A//www.bouncycastle.org&dtd=9
Frame ID: 9D18E2026F0F552C9E9C1E785E97EC13
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3929421303013343&output=html&h=60&adk=2219768980&adf=3798482485&pi=t.aa~a.1372487962~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1618481953&rafmt=1&to=qs&pwprc=8721800611&psa=0&format=1200x60&url=https%3A%2F%2Fwww.bouncycastle.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618908524080&bpp=1&bdt=448&idt=1&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9e6eb3d31bff4881-22328c909ba7003e%3AT%3D1618908524%3ART%3D1618908524%3AS%3DALNI_MYZN_QC6BG2t1Btya89vqeEvTeyrA&prev_fmts=1199x280%2C0x0%2C1200x280&nras=3&correlator=2717994295927&frm=20&pv=1&ga_vid=913310852.1618908524&ga_sid=1618908524&ga_hid=733464264&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=90&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736524%2C44740079%2C31060048&oid=3&pvsid=2552683041634424&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gg4qWb78iF&p=https%3A//www.bouncycastle.org&dtd=12
Frame ID: AD62AB137D7D6000D040606CE9FC99DE
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 51A8C1B94EDD709E8B70E6A89A2B32C3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Frame ID: 57B73A6DF09E01726C68B7C1951DAC78
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Frame ID: 16E7E7B293DCD98CAA034C7D5BEA9B11
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4EC6D6CCA9DD4BEAC50B60D4F3E546E5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Frame ID: C75BAAB64AAEF0544162F163BF6823B1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: CE1FBD9D80B438B24334774D3FA056DD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.bouncycastle.org/ HTTP 302
https://www.bouncycastle.org/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

83
Requests

100 %
HTTPS

52 %
IPv6

18
Domains

22
Subdomains

17
IPs

5
Countries

625 kB
Transfer

1468 kB
Size

2
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://www.cryptoworkshop.com/
Title: Crypto Workshop

Search URL Search Domain Scan URL

URL: https://www.primekey.com/blog/2021/04/15/125m-growth-round-fuels-keyfactor-and-primekey-merger-to-bring-machine-identity-management-to-the-mainstream/
Title: now part of KeyFactor

Search URL Search Domain Scan URL

URL: https://twitter.com/bccrypto

Search URL Search Domain Scan URL

URL: https://www.facebook.com/legionofthebouncycastle

Search URL Search Domain Scan URL

URL: http://polydistortion.net/bc/index.html
Title: polydistortion.net

Search URL Search Domain Scan URL

URL: http://www.tauceti.org.au/
Title: Tau Ceti Co-operative Ltd

Search URL Search Domain Scan URL

URL: http://www.geoffhook.com/
Title: Geoff Hook

Search URL Search Domain Scan URL

URL: http://www.prozacblues.com/
Title: Travis Winters

Search URL Search Domain Scan URL

URL: http://www.java.com/
Title: Oracle

Search URL Search Domain Scan URL

URL: http://www.microsoft.com/
Title: Microsoft

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.bouncycastle.org/ HTTP 302
https://www.bouncycastle.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUIXWOGPN_3Ov58JugKQtWvFJVqKU9MnfbJYzmXsnyydWxCodBHn4mVrkMxfrBh8Vo5RWnkdI7r1txuVnQsdFL05jKm0-qY&google_gid=CAESEKaZ9IsysrSrcgi0LotnQQ8&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOyq-oMGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BUXZpdFVJWFdPR1BOXzNPdjU4SnVnS1F0V3ZGSlZxS1U5TW5mYkpZem1Yc255eWRXeENvZEJIbjRtVnJrTXhmckJoOFZvNVJXbmtkSTdyMXR4dVZuUXNkRkwwNWpLbTAtcVk HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSWdYNlBkRWNucFlrV0htVTEtRUNFM1g0TFRfVHpIR0V3LXVtTHZFcENmQQ==&google_push

Request Chain 48

https://rtb.openx.net/sync/dds?google_gid=CAESEAfrrBRGUeKbqYR7-7JlhSo&google_cver=1&google_push=AQvitUIMEZPQcr6qrH95yS7a6agk32kKKSR4QFysj5H66ZN-LngOIpWwcVEFyd0jX_yYYN6qYIMkzBYfmP-Ru8jZ8eWq_ASLOVg HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEAfrrBRGUeKbqYR7-7JlhSo&google_cver=1&google_push=AQvitUIMEZPQcr6qrH95yS7a6agk32kKKSR4QFysj5H66ZN-LngOIpWwcVEFyd0jX_yYYN6qYIMkzBYfmP-Ru8jZ8eWq_ASLOVg&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIMEZPQcr6qrH95yS7a6agk32kKKSR4QFysj5H66ZN-LngOIpWwcVEFyd0jX_yYYN6qYIMkzBYfmP-Ru8jZ8eWq_ASLOVg&google_hm=AzK2JKaSwqM0M5RIov_XOA==

Request Chain 49

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENcxbFLStjwi1Vc5U0LdlZ8&google_cver=1&google_push=AQvitULkHT44VT-WtSkGk9Xs0bZrKNuxOmPET7CO-iE3r_KiIt2AWM_4c0GSnRuD98kpc3p5OnK2tZzjGhRlWs8hvpfliqQNmg4 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENcxbFLStjwi1Vc5U0LdlZ8&google_cver=1&google_push=AQvitULkHT44VT-WtSkGk9Xs0bZrKNuxOmPET7CO-iE3r_KiIt2AWM_4c0GSnRuD98kpc3p5OnK2tZzjGhRlWs8hvpfliqQNmg4&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6fX411WISKyFHC5viG6G9A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULkHT44VT-WtSkGk9Xs0bZrKNuxOmPET7CO-iE3r_KiIt2AWM_4c0GSnRuD98kpc3p5OnK2tZzjGhRlWs8hvpfliqQNmg4

Request Chain 50

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOL1qSTRZcdrOjyC-C7dkpE&google_cver=1&google_push=AQvitUK1ENQgOi18f-B4WsOtPVFCtXzDBGcmm0SS9GFAHLruzQrqp020URfq4-Ad-96wik8AfdDOO7rr3ZxaYE-u4q_TyWclj7E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05QU0M0OUktQS1BNE1H&google_push=AQvitUK1ENQgOi18f-B4WsOtPVFCtXzDBGcmm0SS9GFAHLruzQrqp020URfq4-Ad-96wik8AfdDOO7rr3ZxaYE-u4q_TyWclj7E

Request Chain 51

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEu595hltklPYW2VYfpXu8g&google_cver=1&google_push=AQvitUKwAD2jPrrNOuQSHFSjqGM5dzKVm2zia9i8sCjmkuBnsxqYk4wr-s7xpJtsKumuucH-EGlk59EoB_Lfk1BrCpLrAHUJ__w HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEu595hltklPYW2VYfpXu8g&google_cver=1&google_push=AQvitUKwAD2jPrrNOuQSHFSjqGM5dzKVm2zia9i8sCjmkuBnsxqYk4wr-s7xpJtsKumuucH-EGlk59EoB_Lfk1BrCpLrAHUJ__w&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH6VbA_rSGdf_k8ri8wCGAAABJAAAAAB&google_cver=1&google_gid=CAESEEu595hltklPYW2VYfpXu8g&google_push=AQvitUKwAD2jPrrNOuQSHFSjqGM5dzKVm2zia9i8sCjmkuBnsxqYk4wr-s7xpJtsKumuucH-EGlk59EoB_Lfk1BrCpLrAHUJ__w

Request Chain 74

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUIqUeu2afCvmzWokSNSYPir3BLqPDYIEf5TCHBJwLXZUWsttCkJtrP0IQllOhPMvlMYNfoihlBCKXyRQyfYnmefZRp924z5&google_gid=CAESEI1rttULy1Qv5e8DQ1R7O-M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUg2VmJRQUFBUnBiV1ViTA&google_push=AQvitUIqUeu2afCvmzWokSNSYPir3BLqPDYIEf5TCHBJwLXZUWsttCkJtrP0IQllOhPMvlMYNfoihlBCKXyRQyfYnmefZRp924z5

Request Chain 75

https://d.agkn.com/pixel/2175/?google_gid=CAESECJzgtA_p82hA8zJhJj5zso&google_cver=1&google_push=AQvitUJYzW2R2s3aW-R4PJ9Y1s3vxx3p6UG7nF-UTjfYHLGh2dS8VjfrAM1a3hlWa3nTyyBu1jKicZ4pNKcNjbW7q3iYPeVqqoSLIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUJYzW2R2s3aW-R4PJ9Y1s3vxx3p6UG7nF-UTjfYHLGh2dS8VjfrAM1a3hlWa3nTyyBu1jKicZ4pNKcNjbW7q3iYPeVqqoSLIQ&google_hm=Q0FFU0VDSnpndEFfcDgyaEE4ekpoSmo1enNv

Request Chain 76

https://rtb.openx.net/sync/dds?google_gid=CAESEOEWwQF50SSw7l_zi8zpCGM&google_cver=1&google_push=AQvitUJF_VWiNFvxFGQ-dCOZ5Z3vXRXZpvsrF_Tsu4M81vMNnDz4E0kDk60jvCnSlh6msMCC7euwU2uOffsgOhtEWnyol-W8GtNW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJF_VWiNFvxFGQ-dCOZ5Z3vXRXZpvsrF_Tsu4M81vMNnDz4E0kDk60jvCnSlh6msMCC7euwU2uOffsgOhtEWnyol-W8GtNW&google_hm=AzK2JKaSwqM0M5RIov_XOA==

Request Chain 77

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHTL3ALD7C6pVjAf2MfeI-I&google_cver=1&google_push=AQvitULqcNN4qd21sJcmTtlCPxwP77PWDCisR13VwGRtAqc6hImoJrN67nW7uGJfVcWYtrZifb8plssreoclFKE3D437Yh7RbVHM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6fX411WISKyFHC5viG6G9A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULqcNN4qd21sJcmTtlCPxwP77PWDCisR13VwGRtAqc6hImoJrN67nW7uGJfVcWYtrZifb8plssreoclFKE3D437Yh7RbVHM

Request Chain 78

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECv4UlDC8oyG8v5DMZk03f8&google_cver=1&google_push=AQvitUI_J6eMgrdOkvZUcudi3y5jgy2zDPVCM3pVKNl6YNp2AK2Z5NttTP0Bz72RzQjLNmD3YOCkCOg2VoQ9nHOeZFmkR61b3dZEsA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05QU0M0SFYtMTItN0pVMg==&google_push=AQvitUI_J6eMgrdOkvZUcudi3y5jgy2zDPVCM3pVKNl6YNp2AK2Z5NttTP0Bz72RzQjLNmD3YOCkCOg2VoQ9nHOeZFmkR61b3dZEsA

Request Chain 79

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEI_jaF-DC_b_Xov7_Xkhlps&google_cver=1&google_push=AQvitUI0WebGG0gl0wyto1cSjoJ0NbGGWZWypfBaH94cTXkUPVE-92yR_Blc6g9h_T9v-Lb8w-WGg9XVWYMR0doAHHamykco_qq19Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH6VbA_rSGdf_k8ri8wCGAAABJAAAAAB&google_push=AQvitUI0WebGG0gl0wyto1cSjoJ0NbGGWZWypfBaH94cTXkUPVE-92yR_Blc6g9h_T9v-Lb8w-WGg9XVWYMR0doAHHamykco_qq19Q&google_cver=1&google_gid=CAESEI_jaF-DC_b_Xov7_Xkhlps

83 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.bouncycastle.org/
Redirect Chain

http://www.bouncycastle.org/
https://www.bouncycastle.org/

11 KB
4 KB

809ms
271ms

Document
text/html

203.32.61.103
INTERVOLVE-MELBOU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bouncycastle.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 203.32.61.103 , Australia, ASN45577 (INTERVOLVE-MELBOURNE-AS-AP Intervolve Pty Ltd, AU),
Reverse DNS
Software: Apache /
Resource Hash: 849593040f79f62f9239aa684da837b8aa3d352a6c84922f6fdbc0cc2c5d9ce5

Request headers

Host: www.bouncycastle.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 08:48:43 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 10:19:13 GMT
ETag: "2ac7-5c00031e7b4e3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4096
Content-Type: text/html
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

Redirect headers

Date: Tue, 20 Apr 2021 08:48:42 GMT
Server: Apache
Location: https://www.bouncycastle.org/
Content-Length: 213
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK bouncycastle.css
www.bouncycastle.org/ 5 KB
1 KB 268ms
267ms Stylesheet
text/css 203.32.61.103
INTERVOLVE-MELBOU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bouncycastle.org/bouncycastle.css
Requested by: Host: www.bouncycastle.org
URL: https://www.bouncycastle.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 203.32.61.103 , Australia, ASN45577 (INTERVOLVE-MELBOURNE-AS-AP Intervolve Pty Ltd, AU),
Reverse DNS
Software: Apache /
Resource Hash: 13bafc802ee6808de8e529f28d0a58bf27a65fbbe6ac1dbc19ed405dd1091d75

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bouncycastle.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.bouncycastle.org/
Connection: keep-alive
Referer: https://www.bouncycastle.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 08:48:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Aug 2017 01:10:56 GMT
Server: Apache
ETag: "12fb-557ee3331048d-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1205

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
48 KB 42ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.bouncycastle.org
URL: https://www.bouncycastle.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98686dc2034f008687be3cae14c7561ec818c0a48c21cd9500e76a2f21275039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bouncycastle.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48178
x-xss-protection: 0
server: cafe
etag: 15975590666456113810
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Apr 2021 08:48:43 GMT

GET
H/1.1 200
OK home_logo.gif
www.bouncycastle.org/images/ 17 KB
17 KB 537ms
269ms Image
image/gif 203.32.61.103
INTERVOLVE-MELBOU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bouncycastle.org/images/home_logo.gif
Requested by: Host: www.bouncycastle.org
URL: https://www.bouncycastle.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 203.32.61.103 , Australia, ASN45577 (INTERVOLVE-MELBOURNE-AS-AP Intervolve Pty Ltd, AU),
Reverse DNS
Software: Apache /
Resource Hash: a9f0d5bcfc032e5d09ac84b367a0ae0459ec9b3ef65c4d8a20608726f6b46200

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bouncycastle.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bouncycastle.org/
Connection: keep-alive
Referer: https://www.bouncycastle.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 08:48:44 GMT
Last-Modified: Thu, 19 Aug 2004 11:46:45 GMT
Server: Apache
ETag: "4227-3e200563f5340"
Content-Type: image/gif
Cache-Control: max-age=7776000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 16935
Expires: Mon, 19 Jul 2021 08:48:44 GMT

GET
H/1.1 200
OK Twitter_Logo_Blue32x32.png
www.bouncycastle.org/images/ 2 KB
3 KB 857ms
286ms Image
image/png 203.32.61.103
INTERVOLVE-MELBOU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bouncycastle.org/images/Twitter_Logo_Blue32x32.png
Requested by: Host: www.bouncycastle.org
URL: https://www.bouncycastle.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 203.32.61.103 , Australia, ASN45577 (INTERVOLVE-MELBOURNE-AS-AP Intervolve Pty Ltd, AU),
Reverse DNS
Software: Apache /
Resource Hash: 5cf92c94cc87abe969606346ec5dcd4ee4480f0d892038a2a3ab09a01efd2f91

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bouncycastle.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bouncycastle.org/
Connection: keep-alive
Referer: https://www.bouncycastle.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 08:48:44 GMT
Last-Modified: Sun, 11 Aug 2019 02:07:24 GMT
Server: Apache
ETag: "9e3-58fcdde4efb95"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2531

GET
H/1.1 200
OK FB-f-Logo__blue_32.png
www.bouncycastle.org/images/ 580 B
849 B 856ms
285ms Image
image/png 203.32.61.103
INTERVOLVE-MELBOU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bouncycastle.org/images/FB-f-Logo__blue_32.png
Requested by: Host: www.bouncycastle.org
URL: https://www.bouncycastle.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 203.32.61.103 , Australia, ASN45577 (INTERVOLVE-MELBOURNE-AS-AP Intervolve Pty Ltd, AU),
Reverse DNS
Software: Apache /
Resource Hash: 9e99942f5bdd68323fffc05a2b75bd124e4a4fa726f8f8f05b3bfbfc820f2303

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bouncycastle.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bouncycastle.org/
Connection: keep-alive
Referer: https://www.bouncycastle.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 08:48:44 GMT
Last-Modified: Mon, 25 Nov 2013 10:18:24 GMT
Server: Apache
ETag: "244-4ebfdaf1cdc00"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 580

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210415/r20190131/ 222 KB
83 KB 42ms
28ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210415/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3929421303013343&plah=www.bouncycastle.org&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f54415e29eb70befe2473a69a097e33e3f1e90376016243b2af5173f2c87bd23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bouncycastle.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84655
x-xss-protection: 0
server: cafe
etag: 16615013293570182620
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Apr 2021 08:48:43 GMT

GET
H/1.1 200
OK pageBG.gif
www.bouncycastle.org/images/ 593 B
934 B 589ms
287ms Image
image/gif 203.32.61.103
INTERVOLVE-MELBOU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bouncycastle.org/images/pageBG.gif
Requested by: Host: www.bouncycastle.org
URL: https://www.bouncycastle.org/bouncycastle.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 203.32.61.103 , Australia, ASN45577 (INTERVOLVE-MELBOURNE-AS-AP Intervolve Pty Ltd, AU),
Reverse DNS
Software: Apache /
Resource Hash: 12d881e5d3d0215fe19b96d6af554e6258b7b98a85628667a4cf83729fc8b5d2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bouncycastle.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bouncycastle.org/bouncycastle.css
Connection: keep-alive
Referer: https://www.bouncycastle.org/bouncycastle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 08:48:44 GMT
Last-Modified: Mon, 02 Aug 2004 12:47:11 GMT
Server: Apache
ETag: "251-3e0ab331251c0"
Content-Type: image/gif
Cache-Control: max-age=7776000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 593
Expires: Mon, 19 Jul 2021 08:48:44 GMT

GET
H/1.1 200
OK titleBG.gif
www.bouncycastle.org/images/ 1 KB
2 KB 792ms
267ms Image
image/gif 203.32.61.103
INTERVOLVE-MELBOU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bouncycastle.org/images/titleBG.gif
Requested by: Host: www.bouncycastle.org
URL: https://www.bouncycastle.org/bouncycastle.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 203.32.61.103 , Australia, ASN45577 (INTERVOLVE-MELBOURNE-AS-AP Intervolve Pty Ltd, AU),
Reverse DNS
Software: Apache /
Resource Hash: 28532b3063f948378d37bd1d0ba473ab88a93a040328650661d70aabf010de64

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.bouncycastle.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.bouncycastle.org/bouncycastle.css
Connection: keep-alive
Referer: https://www.bouncycastle.org/bouncycastle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 08:48:44 GMT
Last-Modified: Mon, 02 Aug 2004 12:46:14 GMT
Server: Apache
ETag: "59d-3e0ab2fac9180"
Content-Type: image/gif
Cache-Control: max-age=7776000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1437
Expires: Mon, 19 Jul 2021 08:48:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210415/r20190131/ Frame 06F9 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210415/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210415/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bouncycastle.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.bouncycastle.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Apr 2021 14:54:34 GMT
expires: Mon, 03 May 2021 14:54:34 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 64449
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
645 B 41ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bouncycastle.org&callback=_gfp_s_&client=ca-pub-3929421303013343

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210415/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3929421303013343&plah=www.bouncycastle.org&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9b5fc9a0cbe8c0bf4db0ee435bd3407525de86cccd8f641fa583b0feae434bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bouncycastle.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 35ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bouncycastle.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bouncycastle.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 08:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 36ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bouncycastle.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bouncycastle.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 08:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8F57 70 KB
23 KB 539ms
526ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3929421303013343&output=html&h=280&slotname=5658880125&adk=3219384348&adf=920885222&pi=t.ma~as.5658880125&w=1199&fwrn=4&fwrnh=100&lmt=1618481953&rafmt=1&psa=0&format=1199x280&url=https%3A%2F%2Fwww.bouncycastle.org%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618908523903&bpp=19&bdt=271&idt=65&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2717994295927&frm=20&pv=2&ga_vid=913310852.1618908524&ga_sid=1618908524&ga_hid=733464264&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=68&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736524%2C44740079%2C31060048&oid=3&pvsid=2552683041634424&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=z1N0fR3kzo&p=https%3A//www.bouncycastle.org&dtd=83

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c00a14d3b42a0c0c85ba78e64e63ca224274cf6c06459ad02fd712c7ebb89af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3929421303013343&output=html&h=280&slotname=5658880125&adk=3219384348&adf=920885222&pi=t.ma~as.5658880125&w=1199&fwrn=4&fwrnh=100&lmt=1618481953&rafmt=1&psa=0&format=1199x280&url=https%3A%2F%2Fwww.bouncycastle.org%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618908523903&bpp=19&bdt=271&idt=65&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2717994295927&frm=20&pv=2&ga_vid=913310852.1618908524&ga_sid=1618908524&ga_hid=733464264&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=68&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736524%2C44740079%2C31060048&oid=3&pvsid=2552683041634424&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=z1N0fR3kzo&p=https%3A//www.bouncycastle.org&dtd=83
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bouncycastle.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.bouncycastle.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 20 Apr 2021 08:48:44 GMT
server: cafe
content-length: 23567
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 20-Apr-2021 09:03:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Apr 2021 08:48:44 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bouncycastle.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831909828443"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Tue, 20 Apr 2021 08:48:44 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6ADB 3 KB
591 B 45ms
44ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3929421303013343&output=html&adk=1812271804&adf=3025194257&lmt=1618481953&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.bouncycastle.org%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618908523922&bpp=4&bdt=291&idt=74&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1199x280&nras=1&correlator=2717994295927&frm=20&pv=1&ga_vid=913310852.1618908524&ga_sid=1618908524&ga_hid=733464264&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736524%2C44740079%2C31060048&oid=3&pvsid=2552683041634424&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=79

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e7bf96d06d90ddcac0e71bb2e2eeb8142097cd0af107e465b6ebbf35d06587b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3929421303013343&output=html&adk=1812271804&adf=3025194257&lmt=1618481953&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.bouncycastle.org%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618908523922&bpp=4&bdt=291&idt=74&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1199x280&nras=1&correlator=2717994295927&frm=20&pv=1&ga_vid=913310852.1618908524&ga_sid=1618908524&ga_hid=733464264&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736524%2C44740079%2C31060048&oid=3&pvsid=2552683041634424&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=79
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bouncycastle.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.bouncycastle.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 20 Apr 2021 08:48:44 GMT
server: cafe
content-length: 568
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 20-Apr-2021 09:03:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Apr 2021 08:48:44 GMT
cache-control: private

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bouncycastle.org

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bouncycastle.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 08:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bouncycastle.org

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bouncycastle.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 08:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9D18 74 KB
25 KB 724ms
724ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3929421303013343&output=html&h=280&adk=4175846939&adf=3603122201&pi=t.aa~a.920193721~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1618481953&rafmt=1&to=qs&pwprc=8721800611&psa=0&format=1200x280&url=https%3A%2F%2Fwww.bouncycastle.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618908524080&bpp=1&bdt=448&idt=-M&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9e6eb3d31bff4881-22328c909ba7003e%3AT%3D1618908524%3ART%3D1618908524%3AS%3DALNI_MYZN_QC6BG2t1Btya89vqeEvTeyrA&prev_fmts=1199x280%2C0x0&nras=2&correlator=2717994295927&frm=20&pv=1&ga_vid=913310852.1618908524&ga_sid=1618908524&ga_hid=733464264&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=90&ady=1267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736524%2C44740079%2C31060048&oid=3&pvsid=2552683041634424&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JzBz0koLyX&p=https%3A//www.bouncycastle.org&dtd=9

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

905a3c13e3ef35a1d00a98bbce49e85807ab4fd22f27f5e6e33d67025094e908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3929421303013343&output=html&h=280&adk=4175846939&adf=3603122201&pi=t.aa~a.920193721~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1618481953&rafmt=1&to=qs&pwprc=8721800611&psa=0&format=1200x280&url=https%3A%2F%2Fwww.bouncycastle.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618908524080&bpp=1&bdt=448&idt=-M&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9e6eb3d31bff4881-22328c909ba7003e%3AT%3D1618908524%3ART%3D1618908524%3AS%3DALNI_MYZN_QC6BG2t1Btya89vqeEvTeyrA&prev_fmts=1199x280%2C0x0&nras=2&correlator=2717994295927&frm=20&pv=1&ga_vid=913310852.1618908524&ga_sid=1618908524&ga_hid=733464264&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=90&ady=1267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736524%2C44740079%2C31060048&oid=3&pvsid=2552683041634424&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JzBz0koLyX&p=https%3A//www.bouncycastle.org&dtd=9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bouncycastle.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.bouncycastle.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 20 Apr 2021 08:48:44 GMT
server: cafe
content-length: 25833
x-xss-protection: 0
set-cookie: IDE=AHWqTUk7wyMfkbvGZWuq9QvP8AQFj0aL0QO6n_Z94KeW8RRTpMoKiLuTxlcd2dlxKHY; expires=Sun, 15-May-2022 08:48:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Apr 2021 08:48:44 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AD62 73 KB
25 KB 347ms
347ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3929421303013343&output=html&h=60&adk=2219768980&adf=3798482485&pi=t.aa~a.1372487962~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1618481953&rafmt=1&to=qs&pwprc=8721800611&psa=0&format=1200x60&url=https%3A%2F%2Fwww.bouncycastle.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618908524080&bpp=1&bdt=448&idt=1&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9e6eb3d31bff4881-22328c909ba7003e%3AT%3D1618908524%3ART%3D1618908524%3AS%3DALNI_MYZN_QC6BG2t1Btya89vqeEvTeyrA&prev_fmts=1199x280%2C0x0%2C1200x280&nras=3&correlator=2717994295927&frm=20&pv=1&ga_vid=913310852.1618908524&ga_sid=1618908524&ga_hid=733464264&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=90&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736524%2C44740079%2C31060048&oid=3&pvsid=2552683041634424&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gg4qWb78iF&p=https%3A//www.bouncycastle.org&dtd=12

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1471722d54a7f4cc51d9c7ade3f7dc14919704aa0c43302fcdcd573e3da9e0cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3929421303013343&output=html&h=60&adk=2219768980&adf=3798482485&pi=t.aa~a.1372487962~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1618481953&rafmt=1&to=qs&pwprc=8721800611&psa=0&format=1200x60&url=https%3A%2F%2Fwww.bouncycastle.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618908524080&bpp=1&bdt=448&idt=1&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9e6eb3d31bff4881-22328c909ba7003e%3AT%3D1618908524%3ART%3D1618908524%3AS%3DALNI_MYZN_QC6BG2t1Btya89vqeEvTeyrA&prev_fmts=1199x280%2C0x0%2C1200x280&nras=3&correlator=2717994295927&frm=20&pv=1&ga_vid=913310852.1618908524&ga_sid=1618908524&ga_hid=733464264&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=90&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736524%2C44740079%2C31060048&oid=3&pvsid=2552683041634424&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gg4qWb78iF&p=https%3A//www.bouncycastle.org&dtd=12
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bouncycastle.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.bouncycastle.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 20 Apr 2021 08:48:44 GMT
server: cafe
content-length: 25786
x-xss-protection: 0
set-cookie: IDE=AHWqTUmIQi82mV1iYQJ23XmExzqyKX7gtSxCBIZ44gyJsnznBVWmBRNbySTGjmTzUdk; expires=Sun, 15-May-2022 08:48:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Apr 2021 08:48:44 GMT
cache-control: private

GET
H2 200 css
fonts.googleapis.com/ Frame AD62 3 KB
674 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3929421303013343&output=html&h=60&adk=2219768980&adf=3798482485&pi=t.aa~a.1372487962~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1618481953&rafmt=1&to=qs&pwprc=8721800611&psa=0&format=1200x60&url=https%3A%2F%2Fwww.bouncycastle.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618908524080&bpp=1&bdt=448&idt=1&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9e6eb3d31bff4881-22328c909ba7003e%3AT%3D1618908524%3ART%3D1618908524%3AS%3DALNI_MYZN_QC6BG2t1Btya89vqeEvTeyrA&prev_fmts=1199x280%2C0x0%2C1200x280&nras=3&correlator=2717994295927&frm=20&pv=1&ga_vid=913310852.1618908524&ga_sid=1618908524&ga_hid=733464264&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=90&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736524%2C44740079%2C31060048&oid=3&pvsid=2552683041634424&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gg4qWb78iF&p=https%3A//www.bouncycastle.org&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 07:09:32 GMT
server: ESF
date: Tue, 20 Apr 2021 08:48:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Apr 2021 08:48:44 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame AD62 1 KB
989 B 31ms
10ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 08:45:04 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame AD62 17 KB
7 KB 26ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 5240039360651012885
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 08:47:26 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame AD62 2 KB
1 KB 27ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 08:46:49 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AD62 118 KB
36 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Tue, 20 Apr 2021 08:48:44 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame AD62 13 KB
6 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:47:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 08:47:53 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AD62 0
0 14ms
13ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ3Igkn-S8QGd6O7OnrjpBm2XwywbDzoQIr3yDNhx4p5D7m1qAqpymeblHDYody2HaKsIjnjqcZUCb46xD1UK-Vhe1ogA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3929421303013343&output=html&h=60&adk=2219768980&adf=3798482485&pi=t.aa~a.1372487962~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1618481953&rafmt=1&to=qs&pwprc=8721800611&psa=0&format=1200x60&url=https%3A%2F%2Fwww.bouncycastle.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618908524080&bpp=1&bdt=448&idt=1&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9e6eb3d31bff4881-22328c909ba7003e%3AT%3D1618908524%3ART%3D1618908524%3AS%3DALNI_MYZN_QC6BG2t1Btya89vqeEvTeyrA&prev_fmts=1199x280%2C0x0%2C1200x280&nras=3&correlator=2717994295927&frm=20&pv=1&ga_vid=913310852.1618908524&ga_sid=1618908524&ga_hid=733464264&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=90&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736524%2C44740079%2C31060048&oid=3&pvsid=2552683041634424&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gg4qWb78iF&p=https%3A//www.bouncycastle.org&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 a0b5068ca1fc7f6ff765c7833258ec42.js Show response
www.gstatic.com/mysidia/ Frame AD62 25 KB
10 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0b5068ca1fc7f6ff765c7833258ec42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 17:21:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 02:07:20 GMT
server: sffe
age: 314818
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10491
x-xss-protection: 0
expires: Thu, 15 Jul 2021 17:21:46 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame AD62 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHOQJbJV-YOXdBovFgAfyzbLoBdzx14Vem4rL1rwNwI23ARABIOqgpiJglYr4gZQHoAHC2NOmAsgBCakCzZ7FXaVTsj6oAwHIA8sEqgTgAU_QVuotbULnNUUcBA8nnD6WkQSvQcvOpPURVDD2dGCoJxJvvXQtYFGk2ggOoIAHpmLOO4s5ustq-qKV18tYLZyZH5z03aR_uTYyVP7gzwzFp1LjcPhM_yNcQ56LnhexQeB6rgWZCDla9nacrffgzc7BjB1suevRbckQA3u-Lj3dlCsh4AAl7mq5O3pMthNSrEMy7giDPi_ErI8PQkq4qrqzPSu2QQV9lEvThD9qtFQ7ji9S1TEYXVYY_6fd_Dyw03pJlXux45V_vRPC2Nr-EeR4ILiwtPBvPah-QLPW7n_EwASqhqDrjQOSBQQIBBgBkgUECAUYBKAGLoAHpqes2QGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQm-oR0ggJCIDhgBAQARgfgAoByAsBuBOIJ9gTCrIXGgoYCAASFHB1Yi0zOTI5NDIxMzAzMDEzMzQz&sigh=hXqDUentuIc&template_id=5000

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3929421303013343&output=html&h=60&adk=2219768980&adf=3798482485&pi=t.aa~a.1372487962~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1618481953&rafmt=1&to=qs&pwprc=8721800611&psa=0&format=1200x60&url=https%3A%2F%2Fwww.bouncycastle.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618908524080&bpp=1&bdt=448&idt=1&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9e6eb3d31bff4881-22328c909ba7003e%3AT%3D1618908524%3ART%3D1618908524%3AS%3DALNI_MYZN_QC6BG2t1Btya89vqeEvTeyrA&prev_fmts=1199x280%2C0x0%2C1200x280&nras=3&correlator=2717994295927&frm=20&pv=1&ga_vid=913310852.1618908524&ga_sid=1618908524&ga_hid=733464264&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=90&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736524%2C44740079%2C31060048&oid=3&pvsid=2552683041634424&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gg4qWb78iF&p=https%3A//www.bouncycastle.org&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 20 Apr 2021 08:48:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5085913710216848608/ Frame AD62 5 KB
5 KB 21ms
11ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5085913710216848608/downsize_200k_v1?w=195&h=102

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

261dc4472b517d3fa33e09dc7e8018e1dc16c0fa25854a706c1ff70acb89c97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 10:15:22 GMT
x-content-type-options: nosniff
age: 513202
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5423
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 07:39:22 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Apr 2022 10:15:22 GMT

GET
DATA 200
OK truncated
/ Frame AD62 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 51A8 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Apr 2021 16:59:40 GMT
expires: Tue, 20 Apr 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 56944
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame AD62 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2e5521008c59613f06d77695c54fcbe79ace6b35d8ddafa410398f4eb047479

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame AD62 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 456342
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 15 Apr 2022 02:03:02 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame AD62 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 168306
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 8F57 6 KB
669 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3929421303013343&output=html&h=280&slotname=5658880125&adk=3219384348&adf=920885222&pi=t.ma~as.5658880125&w=1199&fwrn=4&fwrnh=100&lmt=1618481953&rafmt=1&psa=0&format=1199x280&url=https%3A%2F%2Fwww.bouncycastle.org%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618908523903&bpp=19&bdt=271&idt=65&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2717994295927&frm=20&pv=2&ga_vid=913310852.1618908524&ga_sid=1618908524&ga_hid=733464264&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=68&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736524%2C44740079%2C31060048&oid=3&pvsid=2552683041634424&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=z1N0fR3kzo&p=https%3A//www.bouncycastle.org&dtd=83

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 07:12:53 GMT
server: ESF
date: Tue, 20 Apr 2021 08:48:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Apr 2021 08:48:44 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 8F57 1 KB
909 B 23ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 08:45:04 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame 8F57 17 KB
7 KB 26ms
10ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 5240039360651012885
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 08:47:26 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 8F57 2 KB
1 KB 19ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 08:46:49 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8F57 118 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Tue, 20 Apr 2021 08:48:44 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 8F57 13 KB
5 KB 20ms
10ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:47:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 08:47:53 GMT

GET
H3-29 200 b42b11247d0ebeb7b44892ca7e629453.js Show response
www.gstatic.com/mysidia/ Frame 8F57 25 KB
10 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b42b11247d0ebeb7b44892ca7e629453.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 11:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Apr 2021 10:27:13 GMT
server: sffe
age: 510327
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10497
x-xss-protection: 0
expires: Tue, 13 Jul 2021 11:03:17 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/17050051060560922630/ Frame 8F57 9 KB
9 KB 22ms
13ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17050051060560922630/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b265eca06ee31dda095ea988a8626bc875926cea5ee8a207590780ea394358fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:14:53 GMT
x-content-type-options: nosniff
age: 455631
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9293
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 16:22:19 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Apr 2022 02:14:53 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13458937782056211395/ Frame 8F57 1 KB
1 KB 23ms
14ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13458937782056211395/downsize_200k_v1?w=100&h=100

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b36bf37970fc4e1fecb43022950cc289a14ee8f1cdfbe5f41bc1a4eedb72c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 22:02:18 GMT
x-content-type-options: nosniff
age: 125186
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1074
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 16:35:33 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Apr 2022 22:02:18 GMT

GET
DATA 200
OK truncated
/ Frame 8F57 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8F57 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CaKyqbJV-YO2aAdjSgQeMm5WQDafby6Jit6PO67cNmOu9-4kOEAEg6qCmImCViviBlAegAY_4_vQCyAEJqQLhY22saTW0PqgDAcgDywSqBOIBT9D3XhPt1JegkJ5YUMpGHi10XwJ8DwRwVx4U8WtgV4i_Pkx_my2TWi5N86Mo-P1BWSRt22e5lyW0GJGvJLcg2kwB6H2j1_NpQlqW3O3vGXeZiSzMI0uB8jFmQtjKxffXffYkOiQEXgQIFhZiBrxoV7_t2IUNtV06xzXmpCtblOmYPnPvSJBI7Ylp0osafGkiucGheBmUADE2gUGoEYx9q378cLghkU0xOU3Lwcle59Rhlk3hkcHuS94LBN7hpD-yI_wcs62Wny_7qaVhv47DTBvJ2Te2S2vrKf3QosvsJ-IOjcAEleLRmbgDkgUECAQYAZIFBAgFGASgBi6AB9mHgYsBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcFEM28zwnSCAkIgOGAEBABGB-ACgHICwHYEw2IFAeyFxoKGAgAEhRwdWItMzkyOTQyMTMwMzAxMzM0Mw&sigh=xQaTYybrJzA&template_id=484

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3929421303013343&output=html&h=280&slotname=5658880125&adk=3219384348&adf=920885222&pi=t.ma~as.5658880125&w=1199&fwrn=4&fwrnh=100&lmt=1618481953&rafmt=1&psa=0&format=1199x280&url=https%3A%2F%2Fwww.bouncycastle.org%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618908523903&bpp=19&bdt=271&idt=65&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2717994295927&frm=20&pv=2&ga_vid=913310852.1618908524&ga_sid=1618908524&ga_hid=733464264&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=68&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736524%2C44740079%2C31060048&oid=3&pvsid=2552683041634424&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=z1N0fR3kzo&p=https%3A//www.bouncycastle.org&dtd=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 20 Apr 2021 08:48:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 51A8 35 B
465 B 26ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGldO3tRXEmNETxI_rDfh1E&google_cver=1&google_push=AQvitUIgTzUGlEFqbTUWeKB96-a5XdtsrboTClcZJXa3tFkitmcxFE9QgZeAgGs9PjWw4d33khX1dkh9DBDiqrQOqt9rvo9U_FE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 08:48:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 51A8
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUIXWOGPN_3Ov58JugKQtWvFJVqKU9MnfbJYzmXsnyydWxCodBHn4mVrkMxfrBh8Vo5RWnkdI7r1txuVnQsdFL05jKm0-qY&google_gid=CAESEKaZ9IsysrSrcgi0LotnQQ8&goog...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOyq-oMGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BUXZpdFVJWFdPR1BOXzNPdjU4SnVnS1F0V3ZGSlZxS1U5TW5mYkpZem1Yc255eWRXeENvZEJIbjRtVnJrTXhmckJoOFZvNVJXbmtkSTdyMXR4dVZuUX...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSWdYNlBkRWNucFlrV0htVTEtRUNFM1g0TFRfVHpIR0V3LXVtTHZFcENmQQ==&google_push

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSWdYNlBkRWNucFlrV0htVTEtRUNFM1g0TFRfVHpIR0V3LXVtTHZFcENmQQ==&google_push

Requested by

Host: www.bouncycastle.org
URL: https://www.bouncycastle.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 08:48:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 20 Apr 2021 08:48:44 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSWdYNlBkRWNucFlrV0htVTEtRUNFM1g0TFRfVHpIR0V3LXVtTHZFcENmQQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 51A8 43 B
324 B 60ms
18ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEL-y343ASDw1V4hgxr0qHGs&google_push=AQvitUL2Fgxodp-rmiQ_ndxTjcGFxvCb3xrwEWmvOeSoUrwAdnG1aex6kIO7r3d-sXu4ooQeAAPLAsuc2wGpbCu3v5IxF44BhFg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3929421303013343&output=html&h=60&adk=2219768980&adf=3798482485&pi=t.aa~a.1372487962~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1618481953&rafmt=1&to=qs&pwprc=8721800611&psa=0&format=1200x60&url=https%3A%2F%2Fwww.bouncycastle.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618908524080&bpp=1&bdt=448&idt=1&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9e6eb3d31bff4881-22328c909ba7003e%3AT%3D1618908524%3ART%3D1618908524%3AS%3DALNI_MYZN_QC6BG2t1Btya89vqeEvTeyrA&prev_fmts=1199x280%2C0x0%2C1200x280&nras=3&correlator=2717994295927&frm=20&pv=1&ga_vid=913310852.1618908524&ga_sid=1618908524&ga_hid=733464264&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=90&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736524%2C44740079%2C31060048&oid=3&pvsid=2552683041634424&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gg4qWb78iF&p=https%3A//www.bouncycastle.org&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 08:48:44 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 51A8
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEAfrrBRGUeKbqYR7-7JlhSo&google_cver=1&google_push=AQvitUIMEZPQcr6qrH95yS7a6agk32kKKSR4QFysj5H66ZN-LngOIpWwcVEFyd0jX_yYYN6qYIMkzBYfmP-Ru8jZ8eWq_ASLOVg
https://rtb.openx.net/sync/dds?google_gid=CAESEAfrrBRGUeKbqYR7-7JlhSo&google_cver=1&google_push=AQvitUIMEZPQcr6qrH95yS7a6agk32kKKSR4QFysj5H66ZN-LngOIpWwcVEFyd0jX_yYYN6qYIMkzBYfmP-Ru8jZ8eWq_ASLOVg&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIMEZPQcr6qrH95yS7a6agk32kKKSR4QFysj5H66ZN-LngOIpWwcVEFyd0jX_yYYN6qYIMkzBYfmP-Ru8jZ8eWq_ASLOVg&google_hm=AzK2JKaSwqM0M5RIov_XOA==

170 B
188 B

20ms
19ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIMEZPQcr6qrH95yS7a6agk32kKKSR4QFysj5H66ZN-LngOIpWwcVEFyd0jX_yYYN6qYIMkzBYfmP-Ru8jZ8eWq_ASLOVg&google_hm=AzK2JKaSwqM0M5RIov_XOA==

Requested by

Host: www.bouncycastle.org
URL: https://www.bouncycastle.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 08:48:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 08:48:43 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIMEZPQcr6qrH95yS7a6agk32kKKSR4QFysj5H66ZN-LngOIpWwcVEFyd0jX_yYYN6qYIMkzBYfmP-Ru8jZ8eWq_ASLOVg&google_hm=AzK2JKaSwqM0M5RIov_XOA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: fqpfjml1j11p4ud5g648fsoe8ovd6vev

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 51A8
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6fX411WISKyFHC5viG6G9A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6fX411WISKyFHC5viG6G9A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULkHT44VT-WtSkGk9Xs0bZrKNuxOmPET7CO-iE3r_KiIt2AWM_4c0GSnRuD98kpc3p5OnK2tZzjGhRlWs8hvpfliqQNmg4

Requested by

Host: www.bouncycastle.org
URL: https://www.bouncycastle.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 08:48:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6fX411WISKyFHC5viG6G9A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULkHT44VT-WtSkGk9Xs0bZrKNuxOmPET7CO-iE3r_KiIt2AWM_4c0GSnRuD98kpc3p5OnK2tZzjGhRlWs8hvpfliqQNmg4
Date: Tue, 20 Apr 2021 08:48:43 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 51A8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOL1qSTRZcdrOjyC-C7dkpE&google_cver=1&google_push=AQvitUK1ENQgOi18f-B4WsOtPVFCtXzDBGcmm0SS9GFAHLruzQrqp020URfq4-Ad-96wik8AfdD...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05QU0M0OUktQS1BNE1H&google_push=AQvitUK1ENQgOi18f-B4WsOtPVFCtXzDBGcmm0SS9GFAHLruzQrqp020URfq4-Ad-96wik8AfdDOO7rr3ZxaYE-u4q_TyWclj7E

170 B
188 B

32ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05QU0M0OUktQS1BNE1H&google_push=AQvitUK1ENQgOi18f-B4WsOtPVFCtXzDBGcmm0SS9GFAHLruzQrqp020URfq4-Ad-96wik8AfdDOO7rr3ZxaYE-u4q_TyWclj7E

Requested by

Host: www.bouncycastle.org
URL: https://www.bouncycastle.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 08:48:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05QU0M0OUktQS1BNE1H&google_push=AQvitUK1ENQgOi18f-B4WsOtPVFCtXzDBGcmm0SS9GFAHLruzQrqp020URfq4-Ad-96wik8AfdDOO7rr3ZxaYE-u4q_TyWclj7E
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 51A8
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEu595hltklPYW2VYfpXu8g&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEu595hltklPYW2VYfpXu8g&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH6VbA_rSGdf_k8ri8wCGAAABJAAAAAB&google_cver=1&google_gid=CAESEEu595hltklPYW2VYfpXu8g&google_push=AQvitUKwAD2jPrrNOuQSHFSjqGM5dzKVm2zia...

170 B
188 B

20ms
19ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH6VbA_rSGdf_k8ri8wCGAAABJAAAAAB&google_cver=1&google_gid=CAESEEu595hltklPYW2VYfpXu8g&google_push=AQvitUKwAD2jPrrNOuQSHFSjqGM5dzKVm2zia9i8sCjmkuBnsxqYk4wr-s7xpJtsKumuucH-EGlk59EoB_Lfk1BrCpLrAHUJ__w

Requested by

Host: www.bouncycastle.org
URL: https://www.bouncycastle.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 08:48:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 08:48:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH6VbA_rSGdf_k8ri8wCGAAABJAAAAAB&google_cver=1&google_gid=CAESEEu595hltklPYW2VYfpXu8g&google_push=AQvitUKwAD2jPrrNOuQSHFSjqGM5dzKVm2zia9i8sCjmkuBnsxqYk4wr-s7xpJtsKumuucH-EGlk59EoB_Lfk1BrCpLrAHUJ__w
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Tue, 20 Apr 2021 08:48:44 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 51A8 0
236 B 61ms
15ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L73YeYBKisIlGhC1T0qSVF-liyRv4BFIuLFthLLDuwE-sOuyBZoq11fK9J4uBG_CRYIrii

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:48:44 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame 57B7 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 14:47:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 64871
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Tue, 19 Apr 2022 14:47:33 GMT

GET
DATA 200
OK truncated
/ Frame 8F57 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62ed3bc1dba20b8af4d8de839f1f24149e1f5b9630e9cd1c914db9e92f35937d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 8F57 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 04:23:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 188721
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Mon, 18 Apr 2022 04:23:23 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 8F57 15 KB
15 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 21:15:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 41576
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Tue, 19 Apr 2022 21:15:48 GMT

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame 16E7 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 14:47:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 64871
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Tue, 19 Apr 2022 14:47:33 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 9D18 6 KB
669 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3929421303013343&output=html&h=280&adk=4175846939&adf=3603122201&pi=t.aa~a.920193721~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1618481953&rafmt=1&to=qs&pwprc=8721800611&psa=0&format=1200x280&url=https%3A%2F%2Fwww.bouncycastle.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618908524080&bpp=1&bdt=448&idt=-M&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9e6eb3d31bff4881-22328c909ba7003e%3AT%3D1618908524%3ART%3D1618908524%3AS%3DALNI_MYZN_QC6BG2t1Btya89vqeEvTeyrA&prev_fmts=1199x280%2C0x0&nras=2&correlator=2717994295927&frm=20&pv=1&ga_vid=913310852.1618908524&ga_sid=1618908524&ga_hid=733464264&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=90&ady=1267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736524%2C44740079%2C31060048&oid=3&pvsid=2552683041634424&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JzBz0koLyX&p=https%3A//www.bouncycastle.org&dtd=9

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 07:07:34 GMT
server: ESF
date: Tue, 20 Apr 2021 08:48:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Apr 2021 08:48:44 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 9D18 1 KB
909 B 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 08:45:04 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame 9D18 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 5240039360651012885
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 08:47:26 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 9D18 2 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 08:46:49 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9D18 118 KB
36 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618831897855645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36793
x-xss-protection: 0
expires: Tue, 20 Apr 2021 08:48:44 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 9D18 13 KB
5 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:47:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 May 2021 08:47:53 GMT

GET
H3-29 200 a0b5068ca1fc7f6ff765c7833258ec42.js Show response
www.gstatic.com/mysidia/ Frame 9D18 25 KB
10 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0b5068ca1fc7f6ff765c7833258ec42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 17:21:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 02:07:20 GMT
server: sffe
age: 314818
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10491
x-xss-protection: 0
expires: Thu, 15 Jul 2021 17:21:46 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12973770216060114823/ Frame 9D18 6 KB
6 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12973770216060114823/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a02d7a2cb88c582afe686f669a3abab598ae566b6590fa8713732874115418d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:39:21 GMT
x-content-type-options: nosniff
age: 324563
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5748
x-xss-protection: 0
last-modified: Thu, 15 Oct 2020 16:32:31 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Apr 2022 14:39:21 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6540956060850831231/ Frame 9D18 1010 B
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6540956060850831231/downsize_200k_v1?w=100&h=100

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4fadb15563d0a6c741fe5c8f0561ae014c001879a4f49acf5c7be26230e539b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:46:20 GMT
x-content-type-options: nosniff
age: 144
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1010
x-xss-protection: 0
last-modified: Thu, 15 Oct 2020 16:05:52 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Apr 2022 08:46:20 GMT

GET
DATA 200
OK truncated
/ Frame 9D18 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9D18 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8yR2bJV-YKnBBuS6x_APq8OZaKfby6JigtTy2bYNmOu9-4kOEAEg6qCmImCViviBlAegAY_4_vQCyAEJqQKRzY_Hljy0PqgDAcgDywSqBN8BT9CJ0UkDws0dOsuJ4P7gvcC35rajhw3WCRN-XcZrHN9tXUGm1kSsjY24xHEaQW-jp609uZBSJBjOJgdvxu9nU7qLJJ4Woxw4mYry8TnuSaoM8enmPU0v_NCz12Th68yHZ0nFDoLTxvniBiIC7j-0Aj7SChYZEPaks11mbz-0h5PTCTsFmLuEf3EUxtn8AbNnoo7Tp9cUQg-LOxKncA0x23veV_yFn9ydFRgCYsOZL6y7RRaZl8de6RKPFxgfzRP_hGB4JL3E4XPWG_56XVS1lV8lVLmk85it0tG37lkFmMAEleLRmbgDkgUECAQYAZIFBAgFGASgBi6AB9mHgYsBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcFEILtvgHSCAkIgOGAEBABGB-ACgHICwHYEw2IFAzQFQGAFwGyFxoKGAgAEhRwdWItMzkyOTQyMTMwMzAxMzM0Mw&sigh=_ljdxU8S4oI&template_id=484

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3929421303013343&output=html&h=280&adk=4175846939&adf=3603122201&pi=t.aa~a.920193721~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1618481953&rafmt=1&to=qs&pwprc=8721800611&psa=0&format=1200x280&url=https%3A%2F%2Fwww.bouncycastle.org%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618908524080&bpp=1&bdt=448&idt=-M&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9e6eb3d31bff4881-22328c909ba7003e%3AT%3D1618908524%3ART%3D1618908524%3AS%3DALNI_MYZN_QC6BG2t1Btya89vqeEvTeyrA&prev_fmts=1199x280%2C0x0&nras=2&correlator=2717994295927&frm=20&pv=1&ga_vid=913310852.1618908524&ga_sid=1618908524&ga_hid=733464264&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=90&ady=1267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C44736524%2C44740079%2C31060048&oid=3&pvsid=2552683041634424&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JzBz0koLyX&p=https%3A//www.bouncycastle.org&dtd=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 20 Apr 2021 08:48:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4EC6 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Apr 2021 16:59:40 GMT
expires: Tue, 20 Apr 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 56944
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9D18 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c5913608e56ba04c159241b8d28117169b5d3ae58d59d7a4a3192b0f8958026

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 9D18 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 04:23:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 188721
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Mon, 18 Apr 2022 04:23:23 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 9D18 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 21:15:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 41576
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Tue, 19 Apr 2022 21:15:48 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4EC6 35 B
210 B 12ms
7ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENan-kk51HxtFarBRpc7wZY&google_cver=1&google_push=AQvitUKCtkG1j3vQYgNHtPGQ0m8xNfKbgPcwlzn0eHGsRl95zP5CL1YmbjQMGRMgBHiE6KyDzKut8vp3wpLiXbqs7UxZuHjcpUdtnw

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 08:48:44 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4EC6
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUIqUeu2afCvmzWokSNSYPir3BLqPDYIEf5TCHB...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUg2VmJRQUFBUnBiV1ViTA&google_push=AQvitUIqUeu2afCvmzWokSNSYPir3BLqPDYIEf5TCHBJwLXZUWsttCkJtrP0IQllOhPMvlMYNfoihlBCKXyRQyfYnmefZRp924z5

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUg2VmJRQUFBUnBiV1ViTA&google_push=AQvitUIqUeu2afCvmzWokSNSYPir3BLqPDYIEf5TCHBJwLXZUWsttCkJtrP0IQllOhPMvlMYNfoihlBCKXyRQyfYnmefZRp924z5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 08:48:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUg2VmJRQUFBUnBiV1ViTA&google_push=AQvitUIqUeu2afCvmzWokSNSYPir3BLqPDYIEf5TCHBJwLXZUWsttCkJtrP0IQllOhPMvlMYNfoihlBCKXyRQyfYnmefZRp924z5
Date: Tue, 20 Apr 2021 08:48:45 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4EC6
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESECJzgtA_p82hA8zJhJj5zso&google_cver=1&google_push=AQvitUJYzW2R2s3aW-R4PJ9Y1s3vxx3p6UG7nF-UTjfYHLGh2dS8VjfrAM1a3hlWa3nTyyBu1jKicZ4pNKcNjbW7q3iYPeVqqoSLIQ
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUJYzW2R2s3aW-R4PJ9Y1s3vxx3p6UG7nF-UTjfYHLGh2dS8VjfrAM1a3hlWa3nTyyBu1jKicZ4pNKcNjbW7q3iYPeVqqoSLIQ&google_hm=Q0FFU0VDSnpndEFfcDg...

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUJYzW2R2s3aW-R4PJ9Y1s3vxx3p6UG7nF-UTjfYHLGh2dS8VjfrAM1a3hlWa3nTyyBu1jKicZ4pNKcNjbW7q3iYPeVqqoSLIQ&google_hm=Q0FFU0VDSnpndEFfcDgyaEE4ekpoSmo1enNv

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 08:48:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 08:48:44 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUJYzW2R2s3aW-R4PJ9Y1s3vxx3p6UG7nF-UTjfYHLGh2dS8VjfrAM1a3hlWa3nTyyBu1jKicZ4pNKcNjbW7q3iYPeVqqoSLIQ&google_hm=Q0FFU0VDSnpndEFfcDgyaEE4ekpoSmo1enNv
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4EC6
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEOEWwQF50SSw7l_zi8zpCGM&google_cver=1&google_push=AQvitUJF_VWiNFvxFGQ-dCOZ5Z3vXRXZpvsrF_Tsu4M81vMNnDz4E0kDk60jvCnSlh6msMCC7euwU2uOffsgOhtEWnyol-W8GtNW
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJF_VWiNFvxFGQ-dCOZ5Z3vXRXZpvsrF_Tsu4M81vMNnDz4E0kDk60jvCnSlh6msMCC7euwU2uOffsgOhtEWnyol-W8GtNW&google_hm=AzK2JKaSwqM0M5RIov_XOA==

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJF_VWiNFvxFGQ-dCOZ5Z3vXRXZpvsrF_Tsu4M81vMNnDz4E0kDk60jvCnSlh6msMCC7euwU2uOffsgOhtEWnyol-W8GtNW&google_hm=AzK2JKaSwqM0M5RIov_XOA==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 08:48:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Apr 2021 08:48:44 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJF_VWiNFvxFGQ-dCOZ5Z3vXRXZpvsrF_Tsu4M81vMNnDz4E0kDk60jvCnSlh6msMCC7euwU2uOffsgOhtEWnyol-W8GtNW&google_hm=AzK2JKaSwqM0M5RIov_XOA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: dg6vtqq5s7keo7cp6gh9v86hd1knoko8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4EC6
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6fX411WISKyFHC5viG6G9A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6fX411WISKyFHC5viG6G9A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULqcNN4qd21sJcmTtlCPxwP77PWDCisR13VwGRtAqc6hImoJrN67nW7uGJfVcWYtrZifb8plssreoclFKE3D437Yh7RbVHM

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 08:48:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6fX411WISKyFHC5viG6G9A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULqcNN4qd21sJcmTtlCPxwP77PWDCisR13VwGRtAqc6hImoJrN67nW7uGJfVcWYtrZifb8plssreoclFKE3D437Yh7RbVHM
Date: Tue, 20 Apr 2021 08:48:43 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4EC6
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECv4UlDC8oyG8v5DMZk03f8&google_cver=1&google_push=AQvitUI_J6eMgrdOkvZUcudi3y5jgy2zDPVCM3pVKNl6YNp2AK2Z5NttTP0Bz72RzQjLNmD3YOC...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05QU0M0SFYtMTItN0pVMg==&google_push=AQvitUI_J6eMgrdOkvZUcudi3y5jgy2zDPVCM3pVKNl6YNp2AK2Z5NttTP0Bz72RzQjLNmD3YOCkCOg2VoQ9nHOeZFmkR61b3dZEsA

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05QU0M0SFYtMTItN0pVMg==&google_push=AQvitUI_J6eMgrdOkvZUcudi3y5jgy2zDPVCM3pVKNl6YNp2AK2Z5NttTP0Bz72RzQjLNmD3YOCkCOg2VoQ9nHOeZFmkR61b3dZEsA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 08:48:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05QU0M0SFYtMTItN0pVMg==&google_push=AQvitUI_J6eMgrdOkvZUcudi3y5jgy2zDPVCM3pVKNl6YNp2AK2Z5NttTP0Bz72RzQjLNmD3YOCkCOg2VoQ9nHOeZFmkR61b3dZEsA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4EC6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEI_jaF-DC_b_Xov7_Xkhlps&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH6VbA_rSGdf_k8ri8wCGAAABJAAAAAB&google_push=AQvitUI0WebGG0gl0wyto1cSjoJ0NbGGWZWypfBaH94cTXkUPVE-92yR_Blc6g9h_T9v-Lb8w-WGg9XVWYMR0doAHH...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH6VbA_rSGdf_k8ri8wCGAAABJAAAAAB&google_push=AQvitUI0WebGG0gl0wyto1cSjoJ0NbGGWZWypfBaH94cTXkUPVE-92yR_Blc6g9h_T9v-Lb8w-WGg9XVWYMR0doAHHamykco_qq19Q&google_cver=1&google_gid=CAESEI_jaF-DC_b_Xov7_Xkhlps

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 08:48:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Apr 2021 08:48:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YH6VbA_rSGdf_k8ri8wCGAAABJAAAAAB&google_push=AQvitUI0WebGG0gl0wyto1cSjoJ0NbGGWZWypfBaH94cTXkUPVE-92yR_Blc6g9h_T9v-Lb8w-WGg9XVWYMR0doAHHamykco_qq19Q&google_cver=1&google_gid=CAESEI_jaF-DC_b_Xov7_Xkhlps
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 462
Expires: Tue, 20 Apr 2021 08:48:45 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 4EC6 0
12 B 18ms
15ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Li60Our7RbNmfOB6IoGm5awchsHfQ1Yp1rlq3G9XePlzarwrvxcDC0VTiQiWRg4u7aI7l5

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:48:44 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 30ms
17ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210415&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

162e3e45eb1d698a4ed1f95d2b40e1199e165957e80674d05d027125f72aa38b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bouncycastle.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Apr 2021 08:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6635
x-xss-protection: 0

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame C75B 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 14:47:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 64872
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Tue, 19 Apr 2022 14:47:33 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bouncycastle.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 20 Apr 2021 08:48:45 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame CE1F 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bouncycastle.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.bouncycastle.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 20 Apr 2021 08:38:07 GMT
expires: Wed, 20 Apr 2022 08:38:07 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 638
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame CE1F 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 14:47:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 64872
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Tue, 19 Apr 2022 14:47:33 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 17ms
16ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210415&jk=2552683041634424&bg=!UFOlUxfNAAZUuIlwVLg7ACkAdvg8WniplfI-mNSM9sp3t-pI53Gg6B5CpJpTW6KmDMG5oT5EjiTVnwIAAABuUgAAABNoAQcKAH7yMfvGym1FcDmfgWQaJNq0mQocuDvcSjz7jpmpY8rOWOMR19vCtjmnKA3WFZn18afu7HblP8n6nFsb31RRsttE-Zms8ZJpmSfulIdLUiF6o5WKljHhgtu-PUvDSaAudU2EZro1PMWFcezzmfvuD0mcKlwt3VfhVGgWB0AK8OuZAdWwfvODSlrMjKxKkyme7Ps5XBHPM93AOLt_D5ZmWt4l0ZfGpkdWSBuVnzXrgVAwFCTAjqcVPCDhpQA02J1zd7TqzyAkqwGQmXRTLcZdJcSKvmBYyoMjuxqHAF2hGKR0DP2wlYNN21gvQAJOq8nBejEM9A1jwafdm3p5rQk-iXEBZk0mUA3wowSKlT5SS-o0WF-BspOhxOHy1zdx-uVM48wnoHzIOI1X-fc5ivKMqMzySDVOSKHOrtmHcLTFl33Rj9_100XmCTuxW1uqXl7VxjKnxbWihCEyiL02mnKBAkvAx1soMvCIS7UqG6wJW_E9tlEAmZTfXhXbL0GDdmnkSl9fXk38cDCWbqHrb6GyU4aY7Rr62OPhOrSHPQhWng4qjy-9UkN2-7jA40l0qLBwGODQ8HjaKSt1jFneQ6uMbVYh2oXnZU6rL69oIve6fjZrmCoiLHGJSElEJSkS8edBpfMnFnIaQWXgKSrDX92T_T0ijkphLn1xZTadmN54L9KEMOSWDTzKtP3_1sJA4vHWvn3mgL0fyrW8OMO4ew6Bq8QbsNkVE8jmQuJ4fny3Yy2MgeykACo3k1brHJJvJqPwWVA2juiXRfCi7N02w3XoJdCp0lSWWWrg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bouncycastle.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 08:48:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8F57 42 B
501 B 35ms
16ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssDJlVGB1VXMin0L5nSjVJYjeUZBqwznT3q6RAUkkNskgd_oegnV6RRYpzIsjP1qhf6yj_uRJk_NOEYS_B8JPtJCpx4CC-VloSsDlWWtlftYbTWefdnnZUui-Ed3g&sai=AMfl-YRZrnLEKwRCClgN7z-16n5fheCYVJP783TqXu1EPOjA49pJGf7LXj3SY9aUc2SSXg-iDwi9LlhMWsAq&sig=Cg0ArKJSzG6ouzD-ZGoPEAE&id=lidar2&mcvt=1001&p=68,161,348,1360&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210419&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3219384348&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1618908523991&dlt=574&rpt=67&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Apr 2021 08:48:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 03:03:24	Name: IDE Value: AHWqTUk7wyMfkbvGZWuq9QvP8AQFj0aL0QO6n_Z94KeW8RRTpMoKiLuTxlcd2dlxKHY
			.bouncycastle.org/	1970-01-20 03:03:24	Name: __gads Value: ID=9e6eb3d31bff4881-22328c909ba7003e:T=1618908524:RT=1618908524:S=ALNI_MYZN_QC6BG2t1Btya89vqeEvTeyrA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
rtb.openx.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.bouncycastle.org
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.185.130
142.250.185.162
18.195.77.77
185.64.190.78
203.32.61.103
23.218.208.246
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:802::2002
2a00:1450:4001:808::200a
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
34.98.67.61
35.186.253.211
35.244.174.68
63.33.127.66
69.173.144.138
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084
12d881e5d3d0215fe19b96d6af554e6258b7b98a85628667a4cf83729fc8b5d2
13bafc802ee6808de8e529f28d0a58bf27a65fbbe6ac1dbc19ed405dd1091d75
1471722d54a7f4cc51d9c7ade3f7dc14919704aa0c43302fcdcd573e3da9e0cd
162e3e45eb1d698a4ed1f95d2b40e1199e165957e80674d05d027125f72aa38b
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
261dc4472b517d3fa33e09dc7e8018e1dc16c0fa25854a706c1ff70acb89c97b
28532b3063f948378d37bd1d0ba473ab88a93a040328650661d70aabf010de64
2a02d7a2cb88c582afe686f669a3abab598ae566b6590fa8713732874115418d
2b36bf37970fc4e1fecb43022950cc289a14ee8f1cdfbe5f41bc1a4eedb72c5e
32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4c00a14d3b42a0c0c85ba78e64e63ca224274cf6c06459ad02fd712c7ebb89af
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5cf92c94cc87abe969606346ec5dcd4ee4480f0d892038a2a3ab09a01efd2f91
5e7bf96d06d90ddcac0e71bb2e2eeb8142097cd0af107e465b6ebbf35d06587b
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
62ed3bc1dba20b8af4d8de839f1f24149e1f5b9630e9cd1c914db9e92f35937d
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6c5913608e56ba04c159241b8d28117169b5d3ae58d59d7a4a3192b0f8958026
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf
849593040f79f62f9239aa684da837b8aa3d352a6c84922f6fdbc0cc2c5d9ce5
905a3c13e3ef35a1d00a98bbce49e85807ab4fd22f27f5e6e33d67025094e908
98686dc2034f008687be3cae14c7561ec818c0a48c21cd9500e76a2f21275039
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5fc9a0cbe8c0bf4db0ee435bd3407525de86cccd8f641fa583b0feae434bb4
9e99942f5bdd68323fffc05a2b75bd124e4a4fa726f8f8f05b3bfbfc820f2303
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4fadb15563d0a6c741fe5c8f0561ae014c001879a4f49acf5c7be26230e539b
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a9f0d5bcfc032e5d09ac84b367a0ae0459ec9b3ef65c4d8a20608726f6b46200
b265eca06ee31dda095ea988a8626bc875926cea5ee8a207590780ea394358fe
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
c2e5521008c59613f06d77695c54fcbe79ace6b35d8ddafa410398f4eb047479
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f54415e29eb70befe2473a69a097e33e3f1e90376016243b2af5173f2c87bd23
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

www.bouncycastle.org Open in urlscan Pro 203.32.61.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

83 Requests

100 %HTTPS

52 %IPv6

18 Domains

22 Subdomains

17 IPs

5 Countries

625 kBTransfer

1468 kBSize

2 Cookies

10 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bouncycastle.org Open in urlscan Pro
203.32.61.103 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

100 %
HTTPS

52 %
IPv6

18
Domains

22
Subdomains

17
IPs

5
Countries

625 kB
Transfer

1468 kB
Size

2
Cookies

83 HTTP transactions
6 data transactions