convertlive.com Open in urlscan Pro
176.58.108.207 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.convertlive.com/
Effective URL:
https://convertlive.com/
Submission: On March 01 via api (March 1st 2021, 10:25:00 pm UTC) from US

Summary HTTP 66 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 10 domains to perform 66 HTTP transactions. The main IP is 176.58.108.207, located in London, United Kingdom and belongs to LINODE-AP Linode, LLC, US. The main domain is convertlive.com.
TLS certificate: Issued by R3 on January 6th 2021. Valid for: 3 months.

This is the only time convertlive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	176.58.108.207 176.58.108.207	63949 (LINODE-AP...) (LINODE-AP Linode)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
66	13

7 176.58.108.207 (London, United Kingdom) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li473-207.members.linode.com

www.convertlive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
convertlive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	309 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	124 KB
8	doubleclick.net googleads.g.doubleclick.net	60 KB
7	convertlive.com 1 redirects www.convertlive.com convertlive.com	45 KB
3	googletagservices.com www.googletagservices.com	94 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	google.com 1 redirects adservice.google.com www.google.com	668 B
2	google-analytics.com www.google-analytics.com	19 KB
1	google.de adservice.google.de	799 B
1	googleadservices.com partner.googleadservices.com	643 B
66	10

	Domain	Requested by
18	tpc.googlesyndication.com	convertlive.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
12	fonts.gstatic.com	fonts.googleapis.com
10	pagead2.googlesyndication.com	convertlive.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com convertlive.com googleads.g.doubleclick.net
6	convertlive.com	convertlive.com
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	fonts.googleapis.com	convertlive.com tpc.googlesyndication.com googleads.g.doubleclick.net
2	www.google-analytics.com	convertlive.com www.google-analytics.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.google.com	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.convertlive.com	1 redirects
66	14

This site contains no links.

Subject Issuer	Validity	Valid
convertlive.com R3	`2021-01-06` - `2021-04-06`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://convertlive.com/
Frame ID: CFA4B996FE8874A8F46FDE543BA52BF7
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/zrt_lookup.html
Frame ID: 5C246577FCA2035C28EC4B79984D8505
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=100&slotname=9241405020&adk=3019009495&adf=967918717&pi=t.ma~as.9241405020&w=320&lmt=1614637483&psa=0&format=320x100&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483280&bpp=30&bdt=254&idt=91&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3621845875484&frm=20&pv=2&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=467&ady=262&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CltWyAMdgr&p=https%3A//convertlive.com&dtd=110
Frame ID: 37B635D372C8937C7BFDD1FC522FA6BE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=600&slotname=9021079026&adk=2465031951&adf=1290778759&pi=t.ma~as.9021079026&w=300&lmt=1614637483&psa=0&format=300x600&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483310&bpp=4&bdt=284&idt=89&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&correlator=3621845875484&frm=20&pv=1&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YSyS0lISPj&p=https%3A//convertlive.com&dtd=92
Frame ID: E25C5DBBE5F715C2C4DC4DB58EA21776
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&adk=1812271804&adf=3025194257&lmt=1614637483&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fconvertlive.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1614637483314&bpp=1&bdt=287&idt=90&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100%2C300x600&nras=1&correlator=3621845875484&frm=20&pv=1&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=97
Frame ID: 757B08B5B64E8F2195C55904EEBDC66D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6361393908485339233/index.html
Frame ID: 9B698FCC3A2660E66255A4C20DDA0729
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CE7mQq2k9YKTxGqaP1fAP8aGI0A6chuKXYfXsrvb7DITBtauuARABIM3m5hVglQKgAZb-l9gDyAEJqQJXojaHJzm0PqgDAcgDSKoEtQFP0EOLZbfgWIQLt9NKlULCbK0GKE82SpNiKvFCdx9bVgBulG8NfmCsVSuA9ORbdEadgCbVMMO_rC5VcO7dPW5FhIazPChkTfjvm30QZirIPGreahW2xowwgt0KinqrXYDFdLtTMeoDBLPatG176gE9zmkOYDfrxJtClbXMUFCKbPnjTUliKYZgaK-cfrlfMGIO54aCrrwXby6trndqM8O5XkMorCDIUo1fPhWC7SV7CQ8ZlhSAwATY6PmmvQOSBQQIBBgBkgUECAUYBKAGLoAHl5KXYqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDZpwjSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItNzI4NDMzODEyNDM2NTU0OQ&sigh=S23FWC4gw3w&template_id=419&tpd=AGWhJmuUGJJMfU4-FlhkAfH-Hdp2QaZcLann0QiDslUdOBnorw
Frame ID: 4A0F42786EA62C63E48405B4591D603E
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: E758BD1B2585E9BC13CABB63FC10225C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js
Frame ID: 5FA7FBF4D038B3515673849906247C6A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 654DB9DCC643DB3DC5C32C854AB94419
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.convertlive.com/ HTTP 301
https://convertlive.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

66
Requests

100 %
HTTPS

85 %
IPv6

10
Domains

14
Subdomains

13
IPs

3
Countries

655 kB
Transfer

1580 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.convertlive.com/ HTTP 301
https://convertlive.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

66 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
convertlive.com/
Redirect Chain

https://www.convertlive.com/
https://convertlive.com/

23 KB
5 KB

159ms
36ms

Document
text/html

176.58.108.207
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://convertlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.58.108.207 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li473-207.members.linode.com
Software: nginx /
Resource Hash: 876db4afbee3328d870c5cc680fddb5cf7fabeba4edb32a811489a9e8864ab36

Request headers

:method: GET
:authority: convertlive.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Mon, 01 Mar 2021 22:24:42 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

server: nginx
date: Mon, 01 Mar 2021 22:24:42 GMT
content-type: text/html
content-length: 178
location: https://convertlive.com/

GET
H2 200 styles.css
convertlive.com/ 38 KB
9 KB 31ms
30ms Stylesheet
text/css 176.58.108.207
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://convertlive.com/styles.css?3
Requested by: Host: convertlive.com
URL: https://convertlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.58.108.207 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li473-207.members.linode.com
Software: nginx /
Resource Hash: ac164842a87cba891adc00266ded0c36c3e6dfeb02b09a78e178885b4a7a53c0

Request headers

Referer: https://convertlive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:24:43 GMT
content-encoding: gzip
last-modified: Tue, 23 Jul 2019 16:00:40 GMT
server: nginx
etag: W/"5d372f28-962a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 foot.png
convertlive.com/ 11 KB
12 KB 42ms
41ms Image
image/png 176.58.108.207
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://convertlive.com/foot.png
Requested by: Host: convertlive.com
URL: https://convertlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.58.108.207 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li473-207.members.linode.com
Software: nginx /
Resource Hash: 3b0dc965805ed0d2ee526315397c412a3eefd7c18e34288d00456a9dd79e34b9

Request headers

Referer: https://convertlive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:24:43 GMT
last-modified: Thu, 17 May 2018 17:06:52 GMT
server: nginx
etag: "5afdb6ac-2dcd"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 11725
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.js Show response
convertlive.com/ 22 KB
8 KB 45ms
44ms Script
application/javascript 176.58.108.207
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://convertlive.com/app.js?4
Requested by: Host: convertlive.com
URL: https://convertlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.58.108.207 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li473-207.members.linode.com
Software: nginx /
Resource Hash: 546ec14fd72def64f8f3073dbab982bd8591dcd76674e35b5378bd299b9f3edc

Request headers

Referer: https://convertlive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:24:43 GMT
content-encoding: gzip
last-modified: Sat, 02 Nov 2019 11:51:27 GMT
server: nginx
etag: W/"5dbd6dbf-579b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
816 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Candal|Roboto:200,400,700,900&subset=latin,cyrillic-ext,greek-ext,greek,vietnamese,latin-ext,cyrillic

Requested by

Host: convertlive.com
URL: https://convertlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a206a557becbd00312233f6482262e545eabae21b67cace8ddf3c476ad6d268e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 22:24:43 GMT
server: ESF
date: Mon, 01 Mar 2021 22:24:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Mar 2021 22:24:43 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 43ms
24ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: convertlive.com
URL: https://convertlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3628da8fa7768e8c2bdb2fb0856093807a7a9a9837ac50139c4afb94cc4a20a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://convertlive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49425
x-xss-protection: 0
server: cafe
etag: 12511417949189125007
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 22:24:43 GMT

GET
H2 200 flags_om.png
convertlive.com/ 4 KB
4 KB 41ms
40ms Image
image/png 176.58.108.207
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://convertlive.com/flags_om.png
Requested by: Host: convertlive.com
URL: https://convertlive.com/styles.css?3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.58.108.207 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li473-207.members.linode.com
Software: nginx /
Resource Hash: 7802550b3c25ab21c239f5bc3b398f186789b0592d524cdcbc40863d66bda2e1

Request headers

Referer: https://convertlive.com/styles.css?3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:24:43 GMT
last-modified: Thu, 17 May 2018 17:06:52 GMT
server: nginx
etag: "5afdb6ac-1083"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 4227
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 convert.woff
convertlive.com/font/ 7 KB
7 KB 38ms
38ms Font
application/font-woff 176.58.108.207
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://convertlive.com/font/convert.woff?25009564
Requested by: Host: convertlive.com
URL: https://convertlive.com/styles.css?3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.58.108.207 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li473-207.members.linode.com
Software: nginx /
Resource Hash: 91a9eff6710b317cd07d99fe63d5d091e6c33c2b6248391176fadf5300e7d96b

Request headers

Origin: https://convertlive.com
Referer: https://convertlive.com/styles.css?3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:24:43 GMT
last-modified: Thu, 17 May 2018 17:06:52 GMT
server: nginx
accept-ranges: bytes
etag: "5afdb6ac-1b74"
content-length: 7028
content-type: application/font-woff

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: convertlive.com
URL: https://convertlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://convertlive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 1327
date: Mon, 01 Mar 2021 22:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 02 Mar 2021 00:02:36 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Candal|Roboto:200,400,700,900&subset=latin,cyrillic-ext,greek-ext,greek,vietnamese,latin-ext,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://convertlive.com
Referer: https://fonts.googleapis.com/css?family=Candal|Roboto:200,400,700,900&subset=latin,cyrillic-ext,greek-ext,greek,vietnamese,latin-ext,cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 04:25:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 323944
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 26 Feb 2022 04:25:39 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Candal|Roboto:200,400,700,900&subset=latin,cyrillic-ext,greek-ext,greek,vietnamese,latin-ext,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://convertlive.com
Referer: https://fonts.googleapis.com/css?family=Candal|Roboto:200,400,700,900&subset=latin,cyrillic-ext,greek-ext,greek,vietnamese,latin-ext,cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:56:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:08 GMT
server: sffe
age: 379687
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11012
x-xss-protection: 0
expires: Fri, 25 Feb 2022 12:56:36 GMT

GET
H3-Q050 200 XoHn2YH6T7-t_8c9BhQIldUhlg.woff2
fonts.gstatic.com/s/candal/v10/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/candal/v10/XoHn2YH6T7-t_8c9BhQIldUhlg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Candal|Roboto:200,400,700,900&subset=latin,cyrillic-ext,greek-ext,greek,vietnamese,latin-ext,cyrillic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4da637d509b6256da54558154dd0d984da233ff38dca34c3e1c777c69e6e9092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://convertlive.com
Referer: https://fonts.googleapis.com/css?family=Candal|Roboto:200,400,700,900&subset=latin,cyrillic-ext,greek-ext,greek,vietnamese,latin-ext,cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 03:25:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 04:40:41 GMT
server: sffe
age: 500382
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11472
x-xss-protection: 0
expires: Thu, 24 Feb 2022 03:25:01 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Candal|Roboto:200,400,700,900&subset=latin,cyrillic-ext,greek-ext,greek,vietnamese,latin-ext,cyrillic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://convertlive.com
Referer: https://fonts.googleapis.com/css?family=Candal|Roboto:200,400,700,900&subset=latin,cyrillic-ext,greek-ext,greek,vietnamese,latin-ext,cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 09:18:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 392791
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Fri, 25 Feb 2022 09:18:12 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 7 KB
7 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Candal|Roboto:200,400,700,900&subset=latin,cyrillic-ext,greek-ext,greek,vietnamese,latin-ext,cyrillic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://convertlive.com
Referer: https://fonts.googleapis.com/css?family=Candal|Roboto:200,400,700,900&subset=latin,cyrillic-ext,greek-ext,greek,vietnamese,latin-ext,cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 19:41:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:40 GMT
server: sffe
age: 355396
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6720
x-xss-protection: 0
expires: Fri, 25 Feb 2022 19:41:27 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 8 KB
8 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Candal|Roboto:200,400,700,900&subset=latin,cyrillic-ext,greek-ext,greek,vietnamese,latin-ext,cyrillic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://convertlive.com
Referer: https://fonts.googleapis.com/css?family=Candal|Roboto:200,400,700,900&subset=latin,cyrillic-ext,greek-ext,greek,vietnamese,latin-ext,cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 19:41:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:46 GMT
server: sffe
age: 355397
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8024
x-xss-protection: 0
expires: Fri, 25 Feb 2022 19:41:26 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4WxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 5 KB
5 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4WxKKTU1Kvnz.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Candal|Roboto:200,400,700,900&subset=latin,cyrillic-ext,greek-ext,greek,vietnamese,latin-ext,cyrillic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b19fc45724144b55385e002576d8f81df740d2ad3de39861528a89ce143bd00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://convertlive.com
Referer: https://fonts.googleapis.com/css?family=Candal|Roboto:200,400,700,900&subset=latin,cyrillic-ext,greek-ext,greek,vietnamese,latin-ext,cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 19:41:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 355396
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5004
x-xss-protection: 0
expires: Fri, 25 Feb 2022 19:41:27 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ 227 KB
86 KB 63ms
50ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7284338124365549&plah=convertlive.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://convertlive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87195
x-xss-protection: 0
server: cafe
etag: 3111314854812010922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 22:24:43 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 3 KB
3 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Candal|Roboto:200,400,700,900&subset=latin,cyrillic-ext,greek-ext,greek,vietnamese,latin-ext,cyrillic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6742ec1271dff587e859a90ce7e4bee26cfd60625f5bb95325650c6b04afda8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://convertlive.com
Referer: https://fonts.googleapis.com/css?family=Candal|Roboto:200,400,700,900&subset=latin,cyrillic-ext,greek-ext,greek,vietnamese,latin-ext,cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:56:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:45 GMT
server: sffe
age: 379698
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3384
x-xss-protection: 0
expires: Fri, 25 Feb 2022 12:56:25 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/ Frame 5C24 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210224/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://convertlive.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://convertlive.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 01 Mar 2021 02:25:28 GMT
expires: Mon, 15 Mar 2021 02:25:28 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 71955
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
66 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=540730224&t=pageview&_s=1&dl=https%3A%2F%2Fconvertlive.com%2F&ul=en-us&de=UTF-8&dt=Unit%20Converter&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=524340394&gjid=1678036150&cid=2080448843.1614637483&tid=UA-9794986-19&_gid=1685526793.1614637483&_r=1&_slc=1&z=1111044308

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://convertlive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 22:24:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://convertlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
643 B 112ms
58ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=convertlive.com&callback=_gfp_s_&client=ca-pub-7284338124365549

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7284338124365549&plah=convertlive.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

28b4cf464f4258e870750d1cea5bad471e10ddc7767904f01f1fe0f40bd7236f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://convertlive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 34ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=convertlive.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://convertlive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 22:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 35ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=convertlive.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://convertlive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 22:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 37B6 101 KB
32 KB 216ms
202ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=100&slotname=9241405020&adk=3019009495&adf=967918717&pi=t.ma~as.9241405020&w=320&lmt=1614637483&psa=0&format=320x100&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483280&bpp=30&bdt=254&idt=91&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3621845875484&frm=20&pv=2&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=467&ady=262&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CltWyAMdgr&p=https%3A//convertlive.com&dtd=110

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b774aa4eb1a80110bf2ed4eb5a5ab738c1dbb4562cf056eb74efcfcb8e1c3ff1

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6361393908485339233/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6361393908485339233/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COTykK2RkO8CFaZHFQgd8RAC6g&gqi=q2k9YJvEGpyA1fAPhaG1mAE&layout=/sadbundle/%24csp%253Der3%24/6361393908485339233/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7284338124365549&output=html&h=100&slotname=9241405020&adk=3019009495&adf=967918717&pi=t.ma~as.9241405020&w=320&lmt=1614637483&psa=0&format=320x100&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483280&bpp=30&bdt=254&idt=91&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3621845875484&frm=20&pv=2&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=467&ady=262&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CltWyAMdgr&p=https%3A//convertlive.com&dtd=110
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://convertlive.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://convertlive.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6361393908485339233/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6361393908485339233/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COTykK2RkO8CFaZHFQgd8RAC6g&gqi=q2k9YJvEGpyA1fAPhaG1mAE&layout=/sadbundle/%24csp%253Der3%24/6361393908485339233/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 01 Mar 2021 22:24:43 GMT
server: cafe
content-length: 32540
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 01-Mar-2021 22:39:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 01 Mar 2021 22:24:43 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 32ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://convertlive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602243598683"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Mon, 01 Mar 2021 22:24:43 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E25C 68 KB
22 KB 347ms
343ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=600&slotname=9021079026&adk=2465031951&adf=1290778759&pi=t.ma~as.9021079026&w=300&lmt=1614637483&psa=0&format=300x600&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483310&bpp=4&bdt=284&idt=89&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&correlator=3621845875484&frm=20&pv=1&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YSyS0lISPj&p=https%3A//convertlive.com&dtd=92

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d12ce8da26d6d0a06eb2993320778482c3d33bdafaeba76e8fd1ace84ffa33b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7284338124365549&output=html&h=600&slotname=9021079026&adk=2465031951&adf=1290778759&pi=t.ma~as.9021079026&w=300&lmt=1614637483&psa=0&format=300x600&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483310&bpp=4&bdt=284&idt=89&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&correlator=3621845875484&frm=20&pv=1&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YSyS0lISPj&p=https%3A//convertlive.com&dtd=92
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://convertlive.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://convertlive.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 01 Mar 2021 22:24:43 GMT
server: cafe
content-length: 22346
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 01-Mar-2021 22:39:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 01 Mar 2021 22:24:43 GMT
cache-control: private

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
88 B 39ms
38ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fconvertlive.com%2F&tn=DIV&id=sid-container&ign=false

Requested by

Host: convertlive.com
URL: https://convertlive.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://convertlive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 22:24:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 757B 0
549 B 37ms
37ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&adk=1812271804&adf=3025194257&lmt=1614637483&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fconvertlive.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1614637483314&bpp=1&bdt=287&idt=90&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100%2C300x600&nras=1&correlator=3621845875484&frm=20&pv=1&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=97

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7284338124365549&output=html&adk=1812271804&adf=3025194257&lmt=1614637483&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fconvertlive.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1614637483314&bpp=1&bdt=287&idt=90&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100%2C300x600&nras=1&correlator=3621845875484&frm=20&pv=1&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=97
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://convertlive.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://convertlive.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 01 Mar 2021 22:24:43 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 01-Mar-2021 22:39:43 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 01 Mar 2021 22:24:43 GMT
cache-control: private

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6361393908485339233/ Frame 9B69 27 KB
6 KB 27ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6361393908485339233/index.html

Requested by

Host: convertlive.com
URL: https://convertlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c5d6eb8ef10038b816d1570516dec526515a3c6e8ff1e20a26a9943d451e536

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/6361393908485339233/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=100&slotname=9241405020&adk=3019009495&adf=967918717&pi=t.ma~as.9241405020&w=320&lmt=1614637483&psa=0&format=320x100&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483280&bpp=30&bdt=254&idt=91&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3621845875484&frm=20&pv=2&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=467&ady=262&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CltWyAMdgr&p=https%3A//convertlive.com&dtd=110
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=100&slotname=9241405020&adk=3019009495&adf=967918717&pi=t.ma~as.9241405020&w=320&lmt=1614637483&psa=0&format=320x100&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483280&bpp=30&bdt=254&idt=91&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3621845875484&frm=20&pv=2&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=467&ady=262&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CltWyAMdgr&p=https%3A//convertlive.com&dtd=110

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Sat, 27 Feb 2021 05:01:40 GMT
expires: Sun, 27 Feb 2022 05:01:40 GMT
last-modified: Tue, 26 Jan 2021 13:29:07 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 4520
age: 235383
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4A0F 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CE7mQq2k9YKTxGqaP1fAP8aGI0A6chuKXYfXsrvb7DITBtauuARABIM3m5hVglQKgAZb-l9gDyAEJqQJXojaHJzm0PqgDAcgDSKoEtQFP0EOLZbfgWIQLt9NKlULCbK0GKE82SpNiKvFCdx9bVgBulG8NfmCsVSuA9ORbdEadgCbVMMO_rC5VcO7dPW5FhIazPChkTfjvm30QZirIPGreahW2xowwgt0KinqrXYDFdLtTMeoDBLPatG176gE9zmkOYDfrxJtClbXMUFCKbPnjTUliKYZgaK-cfrlfMGIO54aCrrwXby6trndqM8O5XkMorCDIUo1fPhWC7SV7CQ8ZlhSAwATY6PmmvQOSBQQIBBgBkgUECAUYBKAGLoAHl5KXYqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDZpwjSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItNzI4NDMzODEyNDM2NTU0OQ&sigh=S23FWC4gw3w&template_id=419&tpd=AGWhJmuUGJJMfU4-FlhkAfH-Hdp2QaZcLann0QiDslUdOBnorw

Requested by

Host: convertlive.com
URL: https://convertlive.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=100&slotname=9241405020&adk=3019009495&adf=967918717&pi=t.ma~as.9241405020&w=320&lmt=1614637483&psa=0&format=320x100&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483280&bpp=30&bdt=254&idt=91&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3621845875484&frm=20&pv=2&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=467&ady=262&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CltWyAMdgr&p=https%3A//convertlive.com&dtd=110
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 01 Mar 2021 22:24:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Mar 2021 22:24:43 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame 4A0F 18 KB
8 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=100&slotname=9241405020&adk=3019009495&adf=967918717&pi=t.ma~as.9241405020&w=320&lmt=1614637483&psa=0&format=320x100&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483280&bpp=30&bdt=254&idt=91&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3621845875484&frm=20&pv=2&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=467&ady=262&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CltWyAMdgr&p=https%3A//convertlive.com&dtd=110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=100&slotname=9241405020&adk=3019009495&adf=967918717&pi=t.ma~as.9241405020&w=320&lmt=1614637483&psa=0&format=320x100&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483280&bpp=30&bdt=254&idt=91&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3621845875484&frm=20&pv=2&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=467&ady=262&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CltWyAMdgr&p=https%3A//convertlive.com&dtd=110
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 18079855114753437313
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 22:22:05 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 4A0F 3 KB
2 KB 28ms
11ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=100&slotname=9241405020&adk=3019009495&adf=967918717&pi=t.ma~as.9241405020&w=320&lmt=1614637483&psa=0&format=320x100&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483280&bpp=30&bdt=254&idt=91&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3621845875484&frm=20&pv=2&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=467&ady=262&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CltWyAMdgr&p=https%3A//convertlive.com&dtd=110
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 22:04:58 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4A0F 107 KB
33 KB 40ms
27ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=100&slotname=9241405020&adk=3019009495&adf=967918717&pi=t.ma~as.9241405020&w=320&lmt=1614637483&psa=0&format=320x100&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483280&bpp=30&bdt=254&idt=91&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3621845875484&frm=20&pv=2&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=467&ady=262&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CltWyAMdgr&p=https%3A//convertlive.com&dtd=110
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602225221865"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33469
x-xss-protection: 0
expires: Mon, 01 Mar 2021 22:24:43 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 4A0F 14 KB
6 KB 27ms
10ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=100&slotname=9241405020&adk=3019009495&adf=967918717&pi=t.ma~as.9241405020&w=320&lmt=1614637483&psa=0&format=320x100&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483280&bpp=30&bdt=254&idt=91&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3621845875484&frm=20&pv=2&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=467&ady=262&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CltWyAMdgr&p=https%3A//convertlive.com&dtd=110
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 22:19:49 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E758 143 B
220 B 7ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=100&slotname=9241405020&adk=3019009495&adf=967918717&pi=t.ma~as.9241405020&w=320&lmt=1614637483&psa=0&format=320x100&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483280&bpp=30&bdt=254&idt=91&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3621845875484&frm=20&pv=2&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=467&ady=262&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CltWyAMdgr&p=https%3A//convertlive.com&dtd=110
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=100&slotname=9241405020&adk=3019009495&adf=967918717&pi=t.ma~as.9241405020&w=320&lmt=1614637483&psa=0&format=320x100&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483280&bpp=30&bdt=254&idt=91&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3621845875484&frm=20&pv=2&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=467&ady=262&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CltWyAMdgr&p=https%3A//convertlive.com&dtd=110

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 01 Mar 2021 21:34:33 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3010
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 9B69 9 KB
4 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6361393908485339233/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 12:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 02 Mar 2021 12:33:25 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9B69 22 KB
9 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6361393908485339233/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 12:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 02 Mar 2021 12:41:54 GMT

GET
H3-Q050 200 e91b6016a5c78c98579a792ecdf35f2d.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6361393908485339233/ Frame 9B69 78 KB
21 KB 35ms
22ms Script
application/x-javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6361393908485339233/e91b6016a5c78c98579a792ecdf35f2d.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6361393908485339233/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de3aa6234d679078c96c64ab9c5f0d354258bb46177d465e77359fe4c7fd7102

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 372432
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20092
x-xss-protection: 0
last-modified: Tue, 26 Jan 2021 13:29:07 GMT
server: sffe
date: Thu, 25 Feb 2021 14:57:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 14:57:31 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E758
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
110 B

15ms
15ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlFDbJEkWLugZ_3LCFkhY7EtPT6RG-wyWaSvXksQjxFs5SglvzzZMWnse4luxY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 01 Mar 2021 22:24:43 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 01-Mar-2021 23:24:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 01 Mar 2021 22:24:43 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 01 Mar 2021 22:24:43 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4A0F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b1b013431ff63a99ffa592451e5220589130548ef4e2ca8a818d626f9eaf641

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 9B69 6 KB
713 B 49ms
35ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700|Open+Sans:NaN|Open+Sans:600

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6361393908485339233/e91b6016a5c78c98579a792ecdf35f2d.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d67ca5d28f1dd6fc58ae8f8ab79b70755b30a52eb04572a6df8e50869ff748e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 22:24:43 GMT
server: ESF
date: Mon, 01 Mar 2021 22:24:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Mar 2021 22:24:43 GMT

GET
H3-Q050 200 593232419a75455fc5f776e2010bd449.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6361393908485339233/media/ Frame 9B69 3 KB
1 KB 8ms
8ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6361393908485339233/media/593232419a75455fc5f776e2010bd449.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6361393908485339233/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b44c210edd407796e59a5e2e31b61fa8947c53f5f05288a21e0eb60c553e75eb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 382673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1240
x-xss-protection: 0
last-modified: Tue, 26 Jan 2021 13:29:07 GMT
server: sffe
date: Thu, 25 Feb 2021 12:06:50 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 12:06:50 GMT

GET
H3-Q050 200 acfd51aec52c8d8564905f81b08d5d18.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6361393908485339233/media/ Frame 9B69 5 KB
5 KB 7ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6361393908485339233/media/acfd51aec52c8d8564905f81b08d5d18.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6361393908485339233/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f40bdbbd7be0057433abeec38e9e61decd465e547446f2b94e4e0c74a40b2bc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 347030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4669
x-xss-protection: 0
last-modified: Tue, 26 Jan 2021 13:29:07 GMT
server: sffe
date: Thu, 25 Feb 2021 22:00:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 22:00:53 GMT

GET
H3-Q050 200 63a6a0874f087c95622867530c533f1b.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6361393908485339233/media/ Frame 9B69 8 KB
8 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6361393908485339233/media/63a6a0874f087c95622867530c533f1b.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6361393908485339233/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40e31a0ff9a80e381dfe9435ff28ba6f6a3c8a1d21d05d0cddfebd028d778872

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 212613
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8050
x-xss-protection: 0
last-modified: Tue, 26 Jan 2021 13:29:07 GMT
server: sffe
date: Sat, 27 Feb 2021 11:21:10 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Feb 2022 11:21:10 GMT

GET
H3-Q050 200 6322ff917fbfd7a4a4e7400ddba2cc23.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6361393908485339233/media/ Frame 9B69 118 KB
32 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6361393908485339233/media/6322ff917fbfd7a4a4e7400ddba2cc23.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6361393908485339233/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

061c80651df49da0b3843d39cac3e6c3eb6cd2f4cf0e9f6a6eacab6d36e80f0c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 214859
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32732
x-xss-protection: 0
last-modified: Tue, 26 Jan 2021 13:29:07 GMT
server: sffe
date: Sat, 27 Feb 2021 10:43:44 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Feb 2022 10:43:44 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame E25C 3 KB
1023 B 32ms
29ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=600&slotname=9021079026&adk=2465031951&adf=1290778759&pi=t.ma~as.9021079026&w=300&lmt=1614637483&psa=0&format=300x600&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483310&bpp=4&bdt=284&idt=89&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&correlator=3621845875484&frm=20&pv=1&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YSyS0lISPj&p=https%3A//convertlive.com&dtd=92

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=600&slotname=9021079026&adk=2465031951&adf=1290778759&pi=t.ma~as.9021079026&w=300&lmt=1614637483&psa=0&format=300x600&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483310&bpp=4&bdt=284&idt=89&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&correlator=3621845875484&frm=20&pv=1&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YSyS0lISPj&p=https%3A//convertlive.com&dtd=92
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 20:57:41 GMT
server: ESF
date: Mon, 01 Mar 2021 22:24:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Mar 2021 22:24:43 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame E25C 2 KB
991 B 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=600&slotname=9021079026&adk=2465031951&adf=1290778759&pi=t.ma~as.9021079026&w=300&lmt=1614637483&psa=0&format=300x600&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483310&bpp=4&bdt=284&idt=89&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&correlator=3621845875484&frm=20&pv=1&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YSyS0lISPj&p=https%3A//convertlive.com&dtd=92
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 22:21:01 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame E25C 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=600&slotname=9021079026&adk=2465031951&adf=1290778759&pi=t.ma~as.9021079026&w=300&lmt=1614637483&psa=0&format=300x600&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483310&bpp=4&bdt=284&idt=89&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&correlator=3621845875484&frm=20&pv=1&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YSyS0lISPj&p=https%3A//convertlive.com&dtd=92
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 18079855114753437313
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 22:22:05 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame E25C 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=600&slotname=9021079026&adk=2465031951&adf=1290778759&pi=t.ma~as.9021079026&w=300&lmt=1614637483&psa=0&format=300x600&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483310&bpp=4&bdt=284&idt=89&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&correlator=3621845875484&frm=20&pv=1&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YSyS0lISPj&p=https%3A//convertlive.com&dtd=92
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 22:04:58 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E25C 107 KB
33 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=600&slotname=9021079026&adk=2465031951&adf=1290778759&pi=t.ma~as.9021079026&w=300&lmt=1614637483&psa=0&format=300x600&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483310&bpp=4&bdt=284&idt=89&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&correlator=3621845875484&frm=20&pv=1&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YSyS0lISPj&p=https%3A//convertlive.com&dtd=92
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602225221865"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33469
x-xss-protection: 0
expires: Mon, 01 Mar 2021 22:24:43 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame E25C 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=600&slotname=9021079026&adk=2465031951&adf=1290778759&pi=t.ma~as.9021079026&w=300&lmt=1614637483&psa=0&format=300x600&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483310&bpp=4&bdt=284&idt=89&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&correlator=3621845875484&frm=20&pv=1&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YSyS0lISPj&p=https%3A//convertlive.com&dtd=92
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 22:19:49 GMT

GET
H2 200 5d4b6918ba53c75bacf90c3e9a55021e.js Show response
www.gstatic.com/mysidia/ Frame E25C 25 KB
11 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5d4b6918ba53c75bacf90c3e9a55021e.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

292e3b9fa7eff78d18f9f28e666f940c96696c6a2aa4dd543227f82d0c6c21c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=600&slotname=9021079026&adk=2465031951&adf=1290778759&pi=t.ma~as.9021079026&w=300&lmt=1614637483&psa=0&format=300x600&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483310&bpp=4&bdt=284&idt=89&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&correlator=3621845875484&frm=20&pv=1&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YSyS0lISPj&p=https%3A//convertlive.com&dtd=92
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Feb 2021 01:31:13 GMT
server: sffe
age: 131702
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10833
x-xss-protection: 0
expires: Sat, 29 May 2021 09:49:41 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame E25C 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrMbQq2k9YIC6G_Dc7_UP1fCHyAurmqm9Yb6ZxO3qDITBtauuARABIM3m5hVglQKgAcrjg9wDyAEJqQLR4_sAvk2BPqgDAcgDywSqBLUBT9CMv7Z_LReNSB76jVk4dLYdB2qWZasJlAG8-gV0d9jQ125gX0vkX295e3EmNlfNXcD7xGPsRwmMRn7x4d42MG-N1yXBWP1vXiCSBAl8-ccwDIVP4Ac67-2WCUPOg_jmmiKf4e95Co2XRnnk2KEVaz7wZvJZyX-k4q7QiL1Y0MOFKqiw_DC0Cxp_VTZgVqyoAoSnqgK9jV88pcE0BONrs2fr2gg9yrpUVDzX5qJPabNAAA2aOMAEv73fka0DkgUECAQYAZIFBAgFGASgBi6AB56c_COoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ3OIw0ggJCIDhgBAQARgfgAoByAsB2BMNiBQDmBYBshcaChgIABIUcHViLTcyODQzMzgxMjQzNjU1NDk&sigh=wjuTc4yKPpA&template_id=5000&tpd=AGWhJmtIwLLUxrLILE6Ov98yyJgyseL3W1sxF7MQdqlgYL634g

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=600&slotname=9021079026&adk=2465031951&adf=1290778759&pi=t.ma~as.9021079026&w=300&lmt=1614637483&psa=0&format=300x600&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483310&bpp=4&bdt=284&idt=89&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&correlator=3621845875484&frm=20&pv=1&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YSyS0lISPj&p=https%3A//convertlive.com&dtd=92
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 01 Mar 2021 22:24:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15149424072574732829/ Frame E25C 20 KB
20 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15149424072574732829/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44d2827628a47fc993402b5c78fb1f67f94e0d4c6659ad59986c96dcb8dc079f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=600&slotname=9021079026&adk=2465031951&adf=1290778759&pi=t.ma~as.9021079026&w=300&lmt=1614637483&psa=0&format=300x600&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483310&bpp=4&bdt=284&idt=89&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&correlator=3621845875484&frm=20&pv=1&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YSyS0lISPj&p=https%3A//convertlive.com&dtd=92
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:52:54 GMT
x-content-type-options: nosniff
age: 282709
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20848
x-xss-protection: 0
last-modified: Mon, 04 Jan 2021 04:37:40 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 15:52:54 GMT

GET
DATA 200
OK truncated
/ Frame E25C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 9B69 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700|Open+Sans:NaN|Open+Sans:600

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/css?family=Open+Sans:700|Open+Sans:NaN|Open+Sans:600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:45:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 13140
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Tue, 01 Mar 2022 18:45:43 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 9B69 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700|Open+Sans:NaN|Open+Sans:600

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/css?family=Open+Sans:700|Open+Sans:NaN|Open+Sans:600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 19:41:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 355397
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Fri, 25 Feb 2022 19:41:26 GMT

GET
DATA 200
OK truncated
/ Frame E25C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bc60cfc7298683e8a1ed6181c41a8773fb53908a9e97d4b96fdcdba7d84d2ce

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame E25C 14 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 05:19:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:17 GMT
server: sffe
age: 407089
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14816
x-xss-protection: 0
expires: Fri, 25 Feb 2022 05:19:54 GMT

GET
H3-Q050 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame E25C 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:56:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:06 GMT
server: sffe
age: 379682
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14608
x-xss-protection: 0
expires: Fri, 25 Feb 2022 12:56:41 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 46ms
32ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210224&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d8f91c447a88133e3109ae6e6d1581ace6c500e33274746ea2d222af49f5e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://convertlive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 22:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6497
x-xss-protection: 0

GET
H3-Q050 200 5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js Show response
pagead2.googlesyndication.com/bg/ Frame 5FA7 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=600&slotname=9021079026&adk=2465031951&adf=1290778759&pi=t.ma~as.9021079026&w=300&lmt=1614637483&psa=0&format=300x600&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483310&bpp=4&bdt=284&idt=89&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&correlator=3621845875484&frm=20&pv=1&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YSyS0lISPj&p=https%3A//convertlive.com&dtd=92
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 20:19:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 7527
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
expires: Tue, 01 Mar 2022 20:19:16 GMT

GET
H3-Q050 200 5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B69 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 20:19:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 7527
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
expires: Tue, 01 Mar 2022 20:19:16 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://convertlive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Mon, 01 Mar 2021 22:24:44 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 654D 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://convertlive.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://convertlive.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Mon, 01 Mar 2021 20:19:15 GMT
expires: Tue, 01 Mar 2022 20:19:15 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7529
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js Show response
pagead2.googlesyndication.com/bg/ Frame 654D 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 20:19:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 7528
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
expires: Tue, 01 Mar 2022 20:19:16 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 41ms
41ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210224&jk=820848925788495&bg=!kpGlkdLNAAXB_3NtwTsAKQB2-DxaRwoRmQjWjBSlkw4uNfxHmMjxoePnRAv0-_VbWfJm14wnGXxXAgAAAFtSAAAADWgBBwoA0hhDYDpvRO7mTdqSrWdpeFD9PP4ffe5s0Zp3vTEEZHrk4hIujqSfJFmKxFxRebh7wX88IDWUlXb4jwO5EtiiK0SfcAtzgX32frpeESFTShxP5PcwN14IP62k0NrP3oZ0jaDSrwN4n2XUSlKsRLsAEvh_82z07YHdQXpddLceJIhW8QigjJn71tRy6dZXTZgFmVxNkh9hDXdpdGPpyjIwmr5TqB0Ji2jTBRnAsxmMp84vGhTSRLo04h0Qk2GQVun4rpNzNGczbJtMK49Mfa90GIwNJ5kBz_zZlFONMrg8JdaQMaC3lDZPjQ9erQO_Zh6wPYgpmhtTq5Y71ciwe6b8DdqIclYbwffBHwg9rPc8ya3HqNzCBDLC3uHI0YJhSpj36xp-jfnYPEhX-pK77IcbymAhWNEJ74MHPd6ZMttVNfpXuUGd-tBHwsoz5srffDsy3chxQs7nIu_JFpg1esvb9dvCijCyplM4CvzsqfKHcghmL5Q0eJdezIMXbdk_Jjo8yTW8HD7CFV5fWtR13VZlwQIcaBagkT-PCnnren38ncuAhmU6SrNhpOFLGvUygSiXJ6fr1OjfsqSMulQ30kTjudSwWQoduCo8x-cfyTFyP0O35iwKTMzPT0zkhuY2WVncPwSuzj3xompAA2N-Zvo-yBSn25LtSwGIQl9U9CbDLK7_iz4T_RKOos24Gvei-bSpKApUyasquQNZl20RMYlBU6V235fEZy-7vqWrBu8rp_0VvsHOLuHMh_CSlbb_OU3u3RdVoTgUGV5mA5m69v8tAkAaKZ3GKzmlhyhmzjL8eAi8EYr0OR8cw_g6-5jtYH0Cc-lMBtXFyLDf83YxThdmPwLoGeMU4Qs52A2FUbL-iX__ooG1Z92Ys4GwDkgcPKeiFZgfJo8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://convertlive.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 22:24:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4A0F 42 B
155 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_3Veoy4VPrzD0KXSU8pInv88DigRjWWfxFAG20j0HfVkoc4TeBLBGDflVPiy_NXJ_5vfpM5erFMM0bKVHfaW5p7WQykhCUMYe46r9B7fi4HmKBVnlhSxoy63ntg&sai=AMfl-YQAzU3AIf5vJ8Zzzs0PusXzgpKS5vMKOQGRcEMfw1vtG8aloZ-Oabgz_uQB3HGRLtylE79jQELfrtSr&sig=Cg0ArKJSzIJcYq1IqbOsEAE&id=osdim&mcvt=1006&p=262,467,312,787&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20210301&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3019009495&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614637483394&dlt=222&rpt=73&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=100&slotname=9241405020&adk=3019009495&adf=967918717&pi=t.ma~as.9241405020&w=320&lmt=1614637483&psa=0&format=320x100&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483280&bpp=30&bdt=254&idt=91&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3621845875484&frm=20&pv=2&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=467&ady=262&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CltWyAMdgr&p=https%3A//convertlive.com&dtd=110
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 22:24:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E25C 42 B
66 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqUm63nc_89N0MCQ7cpCyIPZJZB1jyTIk_CGR7vSmnyA45OqoRctAMPT2_sCCO_DqjntZEGdVT2e6vIO0d0vW0OkZ-HSqwWqnbgWfnfz4UjcmHMlZUZNWngPU2gw&sai=AMfl-YT8b2cXcSD7HBEl0tcugh8r7guxpJgR6ai_V-xz74bws0lcMPCl78fOob1Rvn6Mkn9hc39ZFSxAYwwX&sig=Cg0ArKJSzE4wHmMI7BE1EAE&id=osdim&mcvt=1000&p=858,996,1458,1296&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20210301&bin=7&avms=nio&bs=0,0&mc=0.57&if=1&app=0&itpl=22&adk=2465031951&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614637483403&dlt=352&rpt=55&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7284338124365549&output=html&h=600&slotname=9021079026&adk=2465031951&adf=1290778759&pi=t.ma~as.9021079026&w=300&lmt=1614637483&psa=0&format=300x600&url=https%3A%2F%2Fconvertlive.com%2F&flash=0&wgl=1&dt=1614637483310&bpp=4&bdt=284&idt=89&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&correlator=3621845875484&frm=20&pv=1&ga_vid=2080448843.1614637483&ga_sid=1614637483&ga_hid=540730224&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=858&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820848925788495&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mo%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YSyS0lISPj&p=https%3A//convertlive.com&dtd=92
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 22:24:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 16:30:41	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 01:52:13	Name: IDE Value: AHWqTUlFDbJEkWLugZ_3LCFkhY7EtPT6RG-wyWaSvXksQjxFs5SglvzzZMWnse4luxY
.doubleclick.net/	1970-01-19 16:30:38	Name: test_cookie Value: CheckForPermission
.convertlive.com/	1970-01-19 16:30:37	Name: _gat Value: 1
.convertlive.com/	1970-01-20 01:52:13	Name: __gads Value: ID=1ba442ba84b6f060-22e6a5f1a2ba005e:T=1614637483:RT=1614637483:S=ALNI_MaLBIR82-x3Vn-xbwdnqolrkZpDzg
.convertlive.com/	1970-01-19 16:32:03	Name: _gid Value: GA1.2.1685526793.1614637483
.convertlive.com/	1970-01-20 10:01:49	Name: _ga Value: GA1.2.2080448843.1614637483

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
convertlive.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.convertlive.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.186.34
176.58.108.207
2a00:1450:4001:800::200a
2a00:1450:4001:802::2003
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::200a
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
061c80651df49da0b3843d39cac3e6c3eb6cd2f4cf0e9f6a6eacab6d36e80f0c
0b19fc45724144b55385e002576d8f81df740d2ad3de39861528a89ce143bd00
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b1b013431ff63a99ffa592451e5220589130548ef4e2ca8a818d626f9eaf641
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
28b4cf464f4258e870750d1cea5bad471e10ddc7767904f01f1fe0f40bd7236f
292e3b9fa7eff78d18f9f28e666f940c96696c6a2aa4dd543227f82d0c6c21c7
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
3b0dc965805ed0d2ee526315397c412a3eefd7c18e34288d00456a9dd79e34b9
3d67ca5d28f1dd6fc58ae8f8ab79b70755b30a52eb04572a6df8e50869ff748e
40e31a0ff9a80e381dfe9435ff28ba6f6a3c8a1d21d05d0cddfebd028d778872
44d2827628a47fc993402b5c78fb1f67f94e0d4c6659ad59986c96dcb8dc079f
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4bc60cfc7298683e8a1ed6181c41a8773fb53908a9e97d4b96fdcdba7d84d2ce
4d12ce8da26d6d0a06eb2993320778482c3d33bdafaeba76e8fd1ace84ffa33b
4da637d509b6256da54558154dd0d984da233ff38dca34c3e1c777c69e6e9092
546ec14fd72def64f8f3073dbab982bd8591dcd76674e35b5378bd299b9f3edc
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
6742ec1271dff587e859a90ce7e4bee26cfd60625f5bb95325650c6b04afda8d
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
7802550b3c25ab21c239f5bc3b398f186789b0592d524cdcbc40863d66bda2e1
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
876db4afbee3328d870c5cc680fddb5cf7fabeba4edb32a811489a9e8864ab36
8c5d6eb8ef10038b816d1570516dec526515a3c6e8ff1e20a26a9943d451e536
91a9eff6710b317cd07d99fe63d5d091e6c33c2b6248391176fadf5300e7d96b
9d8f91c447a88133e3109ae6e6d1581ace6c500e33274746ea2d222af49f5e16
9f40bdbbd7be0057433abeec38e9e61decd465e547446f2b94e4e0c74a40b2bc
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a206a557becbd00312233f6482262e545eabae21b67cace8ddf3c476ad6d268e
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ac164842a87cba891adc00266ded0c36c3e6dfeb02b09a78e178885b4a7a53c0
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
b44c210edd407796e59a5e2e31b61fa8947c53f5f05288a21e0eb60c553e75eb
b774aa4eb1a80110bf2ed4eb5a5ab738c1dbb4562cf056eb74efcfcb8e1c3ff1
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e
c3628da8fa7768e8c2bdb2fb0856093807a7a9a9837ac50139c4afb94cc4a20a
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
de3aa6234d679078c96c64ab9c5f0d354258bb46177d465e77359fe4c7fd7102
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5

convertlive.com Open in urlscan Pro 176.58.108.207 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

100 %HTTPS

85 %IPv6

10 Domains

14 Subdomains

13 IPs

3 Countries

655 kBTransfer

1580 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

convertlive.com Open in urlscan Pro
176.58.108.207 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

100 %
HTTPS

85 %
IPv6

10
Domains

14
Subdomains

13
IPs

3
Countries

655 kB
Transfer

1580 kB
Size

7
Cookies

66 HTTP transactions
3 data transactions