URL: http://208.77.20.11/
Submission: On January 23 via manual from US

Summary

This website contacted 6 IPs in 2 countries across 7 domains to perform 29 HTTP transactions. The main IP is 208.77.20.11, located in United States and belongs to TZULO, US. The main domain is 208.77.20.11.
This is the only time 208.77.20.11 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
2 | 208.77.20.11 | 11878 (TZULO)
16 (4 redirects) | 192.124.249.53 | 30148 (SUCURI-SEC)
11 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 216.58.207.66 | 15169 (GOOGLE)
1 | 2a00:1450:400... | 15169 (GOOGLE)
2 | 2a00:1450:400... | 15169 (GOOGLE)
Total: 29 requests, 6 IPs
Requests | Domain | Requested by
16 (4 redirects) | www.linuxmint.com | 208.77.20.11, www.linuxmint.com
5 | pagead2.googlesyndication.com | 208.77.20.11, pagead2.googlesyndication.com
4 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
2 | tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com
1 | www.googletagservices.com | pagead2.googlesyndication.com
1 | adservice.google.com | pagead2.googlesyndication.com
1 | adservice.google.de | pagead2.googlesyndication.com
1 | partner.googleadservices.com | pagead2.googlesyndication.com
Total: 29 requests, 8 subdomains

This site contains links to these domains.

Domain
www.linuxmint.com
Subject | Issuer | Validity | Valid
linuxmint.com | Go Daddy Secure Certificate Authority - G2 | 2020-11-09 - 2021-12-09 | a year
*.g.doubleclick.net | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months
*.googleadservices.com | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months
*.google.de | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months
*.google.com | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months
tpc.googlesyndication.com | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months

This page contains 6 frames:

Primary Page: http://208.77.20.11/
Frame ID: 152DAE123C9B73E16898E4CAE02E05F9
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210120/r20190131/zrt_lookup.html
Frame ID: BF173CFCF550D4B74C49A5CC647AA19A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3911921815512938&output=html&h=60&slotname=0451934756&adk=1748751662&adf=4129909192&pi=t.ma~as.0451934756&w=468&lmt=1611362782&url=http%3A%2F%2F208.77.20.11%2F&flash=0&wgl=1&dt=1611362782552&bpp=16&bdt=239&idt=137&shv=r20210120&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=58419900260&frm=20&pv=2&ga_vid=866345140.1611362783&ga_sid=1611362783&ga_hid=657333695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=426&ady=610&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068083%2C21068769%2C21069109&oid=3&pvsid=4420545043629098&pem=296&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=tyqbcenJSG&p=http%3A//208.77.20.11&dtd=154
Frame ID: 14F37206DE0533685E444CD6E022EC10
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3911921815512938&output=html&h=600&slotname=1081472226&adk=2683534250&adf=2057286288&pi=t.ma~as.1081472226&w=160&lmt=1611362782&url=http%3A%2F%2F208.77.20.11%2F&flash=0&wgl=1&dt=1611362782569&bpp=5&bdt=255&idt=145&shv=r20210120&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_slotnames=0451934756&correlator=58419900260&frm=20&pv=1&ga_vid=866345140.1611362783&ga_sid=1611362783&ga_hid=657333695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068083%2C21068769%2C21069109&oid=3&pvsid=4420545043629098&pem=296&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=oux4lnYBFw&p=http%3A//208.77.20.11&dtd=149
Frame ID: F05CCF5028F056FBE8C8AC8273808D05
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3911921815512938&output=html&adk=1812271804&adf=3025194257&lmt=1611362782&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2F208.77.20.11%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1611362782955&bpp=1&bdt=641&idt=1&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=0451934756%2C1081472226&nras=1&correlator=58419900260&frm=20&pv=1&ga_vid=866345140.1611362783&ga_sid=1611362783&ga_hid=657333695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068083%2C21068769%2C21069109&oid=3&pvsid=4420545043629098&pem=296&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=6
Frame ID: EF5BF7042ED47E09B2A17E15E65641FA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 8095ADCADA844CB58B04CB0C0F558195
Requests: 1 HTTP requests in this frame

Page Title

Repository - Linux Mint

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\/pagead\/show_ads\.js/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

29 Requests
90 % HTTPS
50 % IPv6
7 Domains
8 Subdomains
6 IPs
2 Countries
446 kB Transfer
800 kB Size
1 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.linuxmint.com/css/minty.css HTTP 301
  • https://www.linuxmint.com/css/minty.css
Request Chain 1
  • http://www.linuxmint.com/css/lytebox.css HTTP 301
  • https://www.linuxmint.com/css/lytebox.css
Request Chain 2
  • http://www.linuxmint.com/js/jstarget.js HTTP 301
  • https://www.linuxmint.com/js/jstarget.js
Request Chain 5
  • http://www.linuxmint.com/img/ads/download.png HTTP 301
  • https://www.linuxmint.com/img/ads/download.png

29 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
208.77.20.11/
9 KB
10 KB
Document
General
Full URL
http://208.77.20.11/
Protocol
HTTP/1.1
Server
208.77.20.11 , United States, ASN11878 (TZULO, US),
Reverse DNS
mx.sygnow.net
Software
/
Resource Hash
67a82c3ad881f8e5df14c476a4a957867d5ca8bb2392575524b307d1c97fcf08

Request headers

Host
208.77.20.11
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Content-type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Date
Sat, 23 Jan 2021 00:48:49 GMT
minty.css
www.linuxmint.com/css/
Redirect Chain
  • http://www.linuxmint.com/css/minty.css
  • https://www.linuxmint.com/css/minty.css
20 KB
5 KB
Stylesheet
General
Full URL
https://www.linuxmint.com/css/minty.css
Requested by
Host: 208.77.20.11
URL: http://208.77.20.11/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.53 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10053.sucuri.net
Software
nginx /
Resource Hash
a647fec28934b1282d974e359a15483017f4a1d7004f95bbd2da1b0cae407caa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://208.77.20.11/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 00:46:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
4525
x-xss-protection
1; mode=block
last-modified
Thu, 03 Dec 2015 10:04:57 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"5036-525fb85ebdd65-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
19003
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location
https://www.linuxmint.com/css/minty.css
Date
Sat, 23 Jan 2021 00:46:22 GMT
X-Sucuri-ID
19003
Server
Sucuri/Cloudproxy
Connection
keep-alive
Content-Length
162
Content-Type
text/html
lytebox.css
www.linuxmint.com/css/
Redirect Chain
  • http://www.linuxmint.com/css/lytebox.css
  • https://www.linuxmint.com/css/lytebox.css
6 KB
2 KB
Stylesheet
General
Full URL
https://www.linuxmint.com/css/lytebox.css
Requested by
Host: 208.77.20.11
URL: http://208.77.20.11/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.53 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10053.sucuri.net
Software
nginx /
Resource Hash
834092a96fecbb86e52c7eb48b0d40c34f667ff55cc4cf949a7b3515f260eeae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://208.77.20.11/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 00:46:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
1244
x-xss-protection
1; mode=block
last-modified
Sat, 13 Oct 2007 04:12:51 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"16f5-43c580c7ab6c0-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
19003
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location
https://www.linuxmint.com/css/lytebox.css
Date
Sat, 23 Jan 2021 00:46:22 GMT
X-Sucuri-ID
19003
Server
Sucuri/Cloudproxy
Connection
keep-alive
Content-Length
162
Content-Type
text/html
jstarget.js
www.linuxmint.com/js/
Redirect Chain
  • http://www.linuxmint.com/js/jstarget.js
  • https://www.linuxmint.com/js/jstarget.js
2 KB
1 KB
Script
General
Full URL
https://www.linuxmint.com/js/jstarget.js
Requested by
Host: 208.77.20.11
URL: http://208.77.20.11/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.53 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10053.sucuri.net
Software
nginx /
Resource Hash
1d940f8a2370a97dc79abb00444cca64e7e4731a3797333f2931a603188ef156
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://208.77.20.11/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 00:46:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
768
x-xss-protection
1; mode=block
last-modified
Wed, 02 Dec 2015 21:56:03 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"62b-525f1572c53c2-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
19003
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location
https://www.linuxmint.com/js/jstarget.js
Date
Sat, 23 Jan 2021 00:46:22 GMT
X-Sucuri-ID
19003
Server
Sucuri/Cloudproxy
Connection
keep-alive
Content-Length
162
Content-Type
text/html
show_ads.js
pagead2.googlesyndication.com/pagead/
90 KB
33 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 208.77.20.11
URL: http://208.77.20.11/
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
531e709d38ac5159f8dde6aceb974b156a9bc0c9056252823f19b449b2e15ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://208.77.20.11/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Sat, 23 Jan 2021 00:46:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
2085635770701740958
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
32962
X-XSS-Protection
0
Expires
Sat, 23 Jan 2021 00:46:22 GMT
btn-search.png
208.77.20.11/img/
768 B
958 B
Image
General
Full URL
http://208.77.20.11/img/btn-search.png
Requested by
Host: 208.77.20.11
URL: http://208.77.20.11/
Protocol
HTTP/1.1
Server
208.77.20.11 , United States, ASN11878 (TZULO, US),
Reverse DNS
mx.sygnow.net
Software
/
Resource Hash
6abc0960bfcf35b8a7ec894f29b80668ca2a9e0cdea5b502905f2bdf182cf6c6

Request headers

Referer
http://208.77.20.11/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 23 Jan 2021 00:48:49 GMT
Last-Modified
Tue, 25 Mar 2008 22:14:50 GMT
Accept-Ranges
bytes
ETag
"1236623067"
Content-Length
768
Content-Type
image/png
download.png
www.linuxmint.com/img/ads/
Redirect Chain
  • http://www.linuxmint.com/img/ads/download.png
  • https://www.linuxmint.com/img/ads/download.png
21 KB
22 KB
Image
General
Full URL
https://www.linuxmint.com/img/ads/download.png
Requested by
Host: 208.77.20.11
URL: http://208.77.20.11/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.53 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10053.sucuri.net
Software
nginx /
Resource Hash
60eb1fb3a74faf90a9a202f3c65e2275d229dfe7da6457c0bc0185a97f552d9b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://208.77.20.11/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 00:46:22 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 Dec 2015 22:48:56 GMT
server
nginx
etag
"55b8-525f214488f6f"
x-frame-options
SAMEORIGIN
content-type
image/png
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
19003
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
21944
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location
https://www.linuxmint.com/img/ads/download.png
Date
Sat, 23 Jan 2021 00:46:22 GMT
X-Sucuri-ID
19003
Server
Sucuri/Cloudproxy
Connection
keep-alive
Content-Length
162
Content-Type
text/html
bg-repeat.png
www.linuxmint.com/img/
180 B
509 B
Image
General
Full URL
https://www.linuxmint.com/img/bg-repeat.png
Requested by
Host: www.linuxmint.com
URL: https://www.linuxmint.com/css/minty.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.53 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10053.sucuri.net
Software
nginx /
Resource Hash
4f6a25e4251ed257d5b9a2d2b32f1ea8d6e2843e412ef8d3c0e343f02f413fa9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.linuxmint.com/css/minty.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 00:46:22 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Oct 2007 10:09:05 GMT
server
nginx
etag
"b4-43c48e8a0b240"
x-frame-options
SAMEORIGIN
content-type
image/png
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
19003
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
180
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
bg.png
www.linuxmint.com/img/
150 KB
150 KB
Image
General
Full URL
https://www.linuxmint.com/img/bg.png
Requested by
Host: www.linuxmint.com
URL: https://www.linuxmint.com/css/minty.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.53 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10053.sucuri.net
Software
nginx /
Resource Hash
94661898118981baa6148f6501264987c6b7525d8e38eff551bdf51036133621
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.linuxmint.com/css/minty.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 00:46:22 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Dec 2009 07:27:32 GMT
server
nginx
etag
"25756-479a5b0f12100"
x-frame-options
SAMEORIGIN
content-type
image/png
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
19003
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
153430
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
bg-wrapper.png
www.linuxmint.com/img/
4 KB
4 KB
Image
General
Full URL
https://www.linuxmint.com/img/bg-wrapper.png
Requested by
Host: www.linuxmint.com
URL: https://www.linuxmint.com/css/minty.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.53 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10053.sucuri.net
Software
nginx /
Resource Hash
365ab08e9ad6921d24d2c53a1827d793a7e6c6dcd1902287602849d3f67f1cdf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.linuxmint.com/css/minty.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 00:46:22 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Oct 2007 10:09:07 GMT
server
nginx
etag
"f8a-43c48e8bf36c0"
x-frame-options
SAMEORIGIN
content-type
image/png
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
19003
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
3978
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.png
www.linuxmint.com/img/
16 KB
16 KB
Image
General
Full URL
https://www.linuxmint.com/img/logo.png
Requested by
Host: www.linuxmint.com
URL: https://www.linuxmint.com/css/minty.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.53 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10053.sucuri.net
Software
nginx /
Resource Hash
c0f105d4fd5807654b15d31270092e0c2a6fc0512a8923f27d0e07d337baff15
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.linuxmint.com/css/minty.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 00:46:22 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Oct 2007 10:09:19 GMT
server
nginx
etag
"3eec-43c48e97651c0"
x-frame-options
SAMEORIGIN
content-type
image/png
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
19003
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
16108
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
bg-body.png
www.linuxmint.com/img/
2 KB
3 KB
Image
General
Full URL
https://www.linuxmint.com/img/bg-body.png
Requested by
Host: www.linuxmint.com
URL: https://www.linuxmint.com/css/minty.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.53 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10053.sucuri.net
Software
nginx /
Resource Hash
6dd590886c84d4fb73e8d5f1a77e0b2273a74b70ad4918000e37318f8ae25c14
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.linuxmint.com/css/minty.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 00:46:22 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Oct 2007 10:09:04 GMT
server
nginx
etag
"95d-43c48e8917000"
x-frame-options
SAMEORIGIN
content-type
image/png
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
19003
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
2397
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/
224 KB
85 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3911921815512938&plah=208.77.20.11&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15da919fdc4d8b17964857c0b11e564604a65114330371bd7127b771bb98a998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://208.77.20.11/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 00:46:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
85977
x-xss-protection
0
server
cafe
etag
14064139071805855461
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 23 Jan 2021 00:46:22 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210120/r20190131/ Frame BF17
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210120/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210120/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://208.77.20.11/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 22 Jan 2021 19:41:33 GMT
expires
Fri, 05 Feb 2021 19:41:33 GMT
content-type
text/html; charset=UTF-8
etag
1252425945412704235
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4751
x-xss-protection
0
age
18289
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
buttons.png
www.linuxmint.com/img/
18 KB
18 KB
Image
General
Full URL
https://www.linuxmint.com/img/buttons.png
Requested by
Host: www.linuxmint.com
URL: https://www.linuxmint.com/css/minty.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.53 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10053.sucuri.net
Software
nginx /
Resource Hash
ce02ebd9b84a1490e48438ac9e291b3b75fd00b1a654913b632741fef5b4adbb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.linuxmint.com/css/minty.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 00:46:22 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Oct 2007 10:09:11 GMT
server
nginx
etag
"481f-43c48e8fc3fc0"
x-frame-options
SAMEORIGIN
content-type
image/png
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
19003
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
18463
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
bg-ads.png
www.linuxmint.com/img/
5 KB
6 KB
Image
General
Full URL
https://www.linuxmint.com/img/bg-ads.png
Requested by
Host: www.linuxmint.com
URL: https://www.linuxmint.com/css/minty.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.53 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10053.sucuri.net
Software
nginx /
Resource Hash
7b06055376be3f398a56d5e9f8490c1b51659df7d469658448d791a8b9a1cccb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.linuxmint.com/css/minty.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 00:46:22 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Oct 2007 10:09:03 GMT
server
nginx
etag
"150a-43c48e8822dc0"
x-frame-options
SAMEORIGIN
content-type
image/png
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
19003
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
5386
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
bg-footer.png
www.linuxmint.com/img/
485 B
815 B
Image
General
Full URL
https://www.linuxmint.com/img/bg-footer.png
Requested by
Host: www.linuxmint.com
URL: https://www.linuxmint.com/css/minty.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.53 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10053.sucuri.net
Software
nginx /
Resource Hash
37eade58b0ac03c07473f748da51eea70b4e2cf7f640930522c7b58c436c1618
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.linuxmint.com/css/minty.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 00:46:22 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Oct 2007 10:09:05 GMT
server
nginx
etag
"1e5-43c48e8a0b240"
x-frame-options
SAMEORIGIN
content-type
image/png
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
19003
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
485
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
cookie.js
partner.googleadservices.com/gampad/
199 B
639 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=208.77.20.11&callback=_gfp_s_&client=ca-pub-3911921815512938
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3911921815512938&plah=208.77.20.11&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
237cf910b17186a4b02f76e5bb17ee5dbf62d9dac0e0c57aac8c12970e024466
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://208.77.20.11/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 00:46:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
109 B
803 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=208.77.20.11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3911921815512938&plah=208.77.20.11&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://208.77.20.11/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Jan 2021 00:46:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
247 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=208.77.20.11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3911921815512938&plah=208.77.20.11&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://208.77.20.11/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Jan 2021 00:46:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 14F3
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3911921815512938&output=html&h=60&slotname=0451934756&adk=1748751662&adf=4129909192&pi=t.ma~as.0451934756&w=468&lmt=1611362782&url=http%3A%2F%2F208.77.20.11%2F&flash=0&wgl=1&dt=1611362782552&bpp=16&bdt=239&idt=137&shv=r20210120&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=58419900260&frm=20&pv=2&ga_vid=866345140.1611362783&ga_sid=1611362783&ga_hid=657333695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=426&ady=610&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068083%2C21068769%2C21069109&oid=3&pvsid=4420545043629098&pem=296&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=tyqbcenJSG&p=http%3A//208.77.20.11&dtd=154
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3911921815512938&plah=208.77.20.11&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3911921815512938&output=html&h=60&slotname=0451934756&adk=1748751662&adf=4129909192&pi=t.ma~as.0451934756&w=468&lmt=1611362782&url=http%3A%2F%2F208.77.20.11%2F&flash=0&wgl=1&dt=1611362782552&bpp=16&bdt=239&idt=137&shv=r20210120&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=58419900260&frm=20&pv=2&ga_vid=866345140.1611362783&ga_sid=1611362783&ga_hid=657333695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=426&ady=610&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068083%2C21068769%2C21069109&oid=3&pvsid=4420545043629098&pem=296&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=tyqbcenJSG&p=http%3A//208.77.20.11&dtd=154
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://208.77.20.11/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://208.77.20.11/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 23 Jan 2021 00:46:22 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 23-Jan-2021 01:01:22 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/
74 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3911921815512938&plah=208.77.20.11&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1187995a6a31ed3a06d13bae8d36edcc63782f5764897a5a62703d2d6cb840c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://208.77.20.11/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 00:46:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611319200633513"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28803
x-xss-protection
0
expires
Sat, 23 Jan 2021 00:46:22 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F05C
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3911921815512938&output=html&h=600&slotname=1081472226&adk=2683534250&adf=2057286288&pi=t.ma~as.1081472226&w=160&lmt=1611362782&url=http%3A%2F%2F208.77.20.11%2F&flash=0&wgl=1&dt=1611362782569&bpp=5&bdt=255&idt=145&shv=r20210120&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_slotnames=0451934756&correlator=58419900260&frm=20&pv=1&ga_vid=866345140.1611362783&ga_sid=1611362783&ga_hid=657333695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068083%2C21068769%2C21069109&oid=3&pvsid=4420545043629098&pem=296&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=oux4lnYBFw&p=http%3A//208.77.20.11&dtd=149
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3911921815512938&plah=208.77.20.11&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3911921815512938&output=html&h=600&slotname=1081472226&adk=2683534250&adf=2057286288&pi=t.ma~as.1081472226&w=160&lmt=1611362782&url=http%3A%2F%2F208.77.20.11%2F&flash=0&wgl=1&dt=1611362782569&bpp=5&bdt=255&idt=145&shv=r20210120&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_slotnames=0451934756&correlator=58419900260&frm=20&pv=1&ga_vid=866345140.1611362783&ga_sid=1611362783&ga_hid=657333695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068083%2C21068769%2C21069109&oid=3&pvsid=4420545043629098&pem=296&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=oux4lnYBFw&p=http%3A//208.77.20.11&dtd=149
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://208.77.20.11/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://208.77.20.11/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 23 Jan 2021 00:46:22 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 23-Jan-2021 01:01:22 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
132 KB
46 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71674f16bc0443461156f1bcb86acbc3a5256c97c66cc412b9498972564e01ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://208.77.20.11/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 00:46:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
47256
x-xss-protection
0
server
cafe
etag
10183075830532257014
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 23 Jan 2021 00:46:22 GMT
sodar
pagead2.googlesyndication.com/getconfig/
9 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210120&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3911921815512938&plah=208.77.20.11&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53455f0177c16bc4ee42e9d0ff6f6c93cceb49befc6eae332b631acd2b401f8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://208.77.20.11/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Jan 2021 00:46:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6918
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EF5B
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3911921815512938&output=html&adk=1812271804&adf=3025194257&lmt=1611362782&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2F208.77.20.11%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1611362782955&bpp=1&bdt=641&idt=1&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=0451934756%2C1081472226&nras=1&correlator=58419900260&frm=20&pv=1&ga_vid=866345140.1611362783&ga_sid=1611362783&ga_hid=657333695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068083%2C21068769%2C21069109&oid=3&pvsid=4420545043629098&pem=296&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3911921815512938&plah=208.77.20.11&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3911921815512938&output=html&adk=1812271804&adf=3025194257&lmt=1611362782&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2F208.77.20.11%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1611362782955&bpp=1&bdt=641&idt=1&shv=r20210120&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=0451934756%2C1081472226&nras=1&correlator=58419900260&frm=20&pv=1&ga_vid=866345140.1611362783&ga_sid=1611362783&ga_hid=657333695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C21068083%2C21068769%2C21069109&oid=3&pvsid=4420545043629098&pem=296&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://208.77.20.11/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://208.77.20.11/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 23 Jan 2021 00:46:22 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
IDE=AHWqTUk5PurIs-NDrnsRZO27YcmU_Potd8dEuQ_yjYR9feOSMY9AZvW363KREJj1; expires=Thu, 17-Feb-2022 00:46:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sat, 23 Jan 2021 00:46:22 GMT
cache-control
private
sodar2.js
tpc.googlesyndication.com/sodar/
16 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210120/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3911921815512938&plah=208.77.20.11&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://208.77.20.11/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 23 Jan 2021 00:46:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1607463675096825"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6146
x-xss-protection
0
expires
Sat, 23 Jan 2021 00:46:22 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 8095
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/220/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://208.77.20.11/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://208.77.20.11/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4868
date
Fri, 22 Jan 2021 22:45:59 GMT
expires
Sat, 22 Jan 2022 22:45:59 GMT
last-modified
Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
7224
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/
0
109 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20210120&jk=4420545043629098&bg=!VValVhXNAAVwd1e1cDsAKQB2-DxaZm4z0kZYMYmsUsh_A5lIPb0zpdPPYaxh6MCHUIhq8TqFWIfeAgAAAE9SAAAADGgBBwoBQX6Eu5pg-hINwHlcaAvMfFlbiCjTTY2LO9lbvHRxkACSoetpyoh71cN2m1G-dAkFtuz3YUuaVZzpNZxy7tud1mqLELwLjc-HTvNyT-HcMBXWJ2qo5XF9eFJG0xTPx1CbLE3IX3MbjBamrCmuD5YOcRCXL8vObhY2SPutaJC5LKfkml5kS6cuRwQOvx7qIrpzoqYGzv0pOH3UYN9yKgKI-b4HxXzS7P3qw3JmINYL8bc4hGl-FzfE-essBv7GyJ6Nzobb6E4FdxUXWdhqf1hMWrHIz2sYNU_IGI45U_kdr1oiaC46Rl6tf_q_Xuo8HOvO240bT5xMiS_M97GgsjluToIuAo8vFiNYfdOmGa1cUG7i7vjtfnsgdBE-JmsWEVeZBvTm1b1sOapdjORutLSf3_goHjsP0N_YYyvqO3PxyijdQ5kBxt8i8NfmwcQeqJpp6ei6s7YfHkmWdYZJ88fRowmpD1mrPNGT5Bo76zhaHlK4ov5zIhXjsKIT0rLz1-VBzLghuYFfdwqf9ucTiqiYbzedXc-F1rnU5OqhIoYyISAUzp4Yz4PQZlgFNJ57EHw7grAGRNEwbucwY3HwtV4mzu57nzBj7-BQhY7cLOU4Zd0-_ktuS5n0MokdB-Lw0Jk6gfig0Rf1CnH3Md913LfgQLOF_LKzJEVM10SBaiUKWlSltcpS-1dhupysJBN_ME45Zg0pJjIOnJCx6wJcLOAFEDo2EaJBMSvCIKw-4rUmpMQjUHee21miTEkoEi_a4S1KDdoMhDxaoHBBJ6J2lnIRDVPPNv-6XsEZ465Fx3bW6JJoy7OHCCiu5ViE3vEIUNCMH_FK3NVKWSUWFIP_exl8tcC12qZZtszKX0l2xR3uBkwORaIFojnv8-qYXSz-Pjjh675qYwhYEmykQnz82TC8W3-a8SBxCo70QrA-JjpLpk7gE2vWg0w9qT4baBYP_qNFeMHqWK7pL_eI7GVQ6-VnkbPMwiZ2r8WmqZaNGYpj3B2_M9cJj9HB8ebpmsVOZQN_4Mxx3nWJUtLyqZQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://208.77.20.11/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Jan 2021 00:46:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


176 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated object| JSTarget object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| google_onload_fired object| google_trust_token_operation_status number| google_unique_id object| google_sa_queue object| google_sl_win function| google_process_slots object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| 
google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_bfa object| ebfa object| ebfaca object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| google_enable_single_iframe object| dash object| google_restrict_data_processing boolean| google_apltlad object| 
google_sv_map function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ boolean| _gfp_a_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| adsbygoogle function| google_spfd object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Domain/Path: .doubleclick.net/
Name: test_cookie
Value: CheckForPermission

Indicators

"Indicators" is a term used in the security industry for observables such as IPs, domains, hashes, etc. Listing them here does not imply that any of them indicate malicious activity.
