www.bstemplates.com Open in urlscan Pro
107.180.41.251 Public Scan

URL:
http://www.bstemplates.com/
Submission: On March 31 via manual (March 31st 2021, 11:15:08 pm UTC) from NZ

Summary HTTP 89 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 18 domains to perform 89 HTTP transactions. The main IP is 107.180.41.251, located in Ashburn, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is www.bstemplates.com.

This is the only time www.bstemplates.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	107.180.41.251 107.180.41.251	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	84.53.161.82 84.53.161.82	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
2 2	54.149.220.116 54.149.220.116	16509 (AMAZON-02) (AMAZON-02)
7	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	184.51.9.98 184.51.9.98	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	217.182.200.29 217.182.200.29	16276 (OVH) (OVH)
1 2	184.31.90.156 184.31.90.156	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
89	21

17 107.180.41.251 (Ashburn, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-107-180-41-251.ip.secureserver.net

www.bstemplates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 84.53.161.82 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a84-53-161-82.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.149.220.116 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-220-116.us-west-2.compute.amazonaws.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.51.9.98 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-98.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.182.200.29 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm7.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.31.90.156 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-31-90-156.deploy.static.akamaitechnologies.com

img.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	329 KB
21	doubleclick.net 1 redirects googleads.g.doubleclick.net ad.doubleclick.net cm.g.doubleclick.net	87 KB
17	bstemplates.com www.bstemplates.com	562 KB
6	google.com 2 redirects adservice.google.com www.google.com	790 B
6	gstatic.com fonts.gstatic.com www.gstatic.com	104 KB
4	googletagservices.com www.googletagservices.com	136 KB
3	googleapis.com fonts.googleapis.com	3 KB
2	secureserver.net 1 redirects img.secureserver.net	2 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	2 KB
2	openx.net 2 redirects rtb.openx.net	761 B
2	addthis.com 2 redirects e.dlx.addthis.com	2 KB
2	google.de adservice.google.de	2 KB
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	306 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	457 B
1	quantserve.com cms.quantserve.com	463 B
1	googleadservices.com partner.googleadservices.com	645 B
1	wsimg.com img1.wsimg.com	5 KB
89	18

	Domain	Requested by
18	tpc.googlesyndication.com	googleads.g.doubleclick.net www.bstemplates.com tpc.googlesyndication.com pagead2.googlesyndication.com
17	www.bstemplates.com	www.bstemplates.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.bstemplates.com
11	pagead2.googlesyndication.com	www.bstemplates.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	cm.g.doubleclick.net	googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
4	www.google.com	2 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	fonts.googleapis.com	www.bstemplates.com googleads.g.doubleclick.net
2	img.secureserver.net	1 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	e.dlx.addthis.com	2 redirects
2	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	googlecm.hit.gemius.pl	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	img1.wsimg.com	www.bstemplates.com
89	23

This site contains links to these domains. Also see Links.

Domain
bstemplates.com

Subject Issuer	Validity	Valid
www.bstemplates.com Go Daddy Secure Certificate Authority - G2	`2020-04-22` - `2021-04-22`	a year	crt.sh
*.wsimg.com Starfield Secure Certificate Authority - G2	`2021-03-05` - `2022-04-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.secureserver.net Starfield Secure Certificate Authority - G2	`2019-10-22` - `2021-10-22`	2 years	crt.sh

This page contains 14 frames:

Primary Page: http://www.bstemplates.com/
Frame ID: 648F2623D7F3280D5B404B62439E2538
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210329/r20190131/zrt_lookup.html
Frame ID: 17CF68E6BDC98814603A2007480F9587
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6963113852826448&output=html&h=600&slotname=3258122610&adk=2342618132&adf=1267930685&pi=t.ma~as.3258122610&w=300&lmt=1617232492&psa=0&format=300x600&url=http%3A%2F%2Fwww.bstemplates.com%2F&flash=0&wgl=1&dt=1617232492075&bpp=11&bdt=991&idt=57&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7486171768381&frm=20&pv=2&ga_vid=1382153041.1617232492&ga_sid=1617232492&ga_hid=1404116518&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1083&ady=745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C182982300%2C44740079%2C44739387&oid=3&pvsid=1936198856397634&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=RF0h3rUYtg&p=http%3A//www.bstemplates.com&dtd=73
Frame ID: 80A522985AA8286EDCD0B817DA7079AE
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6963113852826448&output=html&adk=1812271804&adf=3025194257&lmt=1617232492&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.bstemplates.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1617232492086&bpp=2&bdt=1003&idt=68&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&nras=1&correlator=7486171768381&frm=20&pv=1&ga_vid=1382153041.1617232492&ga_sid=1617232492&ga_hid=1404116518&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C182982300%2C44740079%2C44739387&oid=3&pvsid=1936198856397634&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=72
Frame ID: 5E51F76EEEF25E5A99624074714D1886
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6963113852826448&output=html&h=280&adk=1377720917&adf=639192016&pi=t.aa~a.2004663329~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617232492&rafmt=1&to=qs&pwprc=4683591317&psa=0&format=360x280&url=http%3A%2F%2Fwww.bstemplates.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617232492298&bpp=1&bdt=1215&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1b46b80d9fba930-221dcd15edba000d%3AT%3D1617232492%3ART%3D1617232492%3AS%3DALNI_MZwDKi1hKQhJ4Rf117VpELttOMRFQ&prev_fmts=300x600%2C0x0&nras=2&correlator=7486171768381&frm=20&pv=1&ga_vid=1382153041.1617232492&ga_sid=1617232492&ga_hid=1404116518&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=2232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C182982300%2C44740079%2C44739387&oid=3&pvsid=1936198856397634&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=omsUCJpbPc&p=http%3A//www.bstemplates.com&dtd=7
Frame ID: DE3F151511B5D973250F8CCDD0DD2D7F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6963113852826448&output=html&h=200&adk=1439195881&adf=3881226168&pi=t.aa~a.573379464~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617232492&rafmt=1&to=qs&pwprc=4683591317&psa=0&format=360x200&url=http%3A%2F%2Fwww.bstemplates.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617232492298&bpp=1&bdt=1215&idt=1&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1b46b80d9fba930-221dcd15edba000d%3AT%3D1617232492%3ART%3D1617232492%3AS%3DALNI_MZwDKi1hKQhJ4Rf117VpELttOMRFQ&prev_fmts=300x600%2C0x0%2C360x280&nras=3&correlator=7486171768381&frm=20&pv=1&ga_vid=1382153041.1617232492&ga_sid=1617232492&ga_hid=1404116518&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=2910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C182982300%2C44740079%2C44739387&oid=3&pvsid=1936198856397634&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Xc5ImZ6Xo4&p=http%3A//www.bstemplates.com&dtd=10
Frame ID: A83F1D37A275877A71FF4E600F16B493
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11718045947812002883/300x250_Performance_Stock_CYSEC/300x250_Performance_Stock_CYSEC.html
Frame ID: A73D1F798F187FCB0370E7BC85EB6C66
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C2xVybAJlYMbwE-uS7_UP9duZoA-v2IP1YY2CzJWkDYXdo6fZAhABIKnt3SRglQKgAercgNECyAEJqQL6_9Q3d4-pPqgDAcgDSKoE0QFP0GhZEnSUGRmI7b4tY-k4yhsC_KuTY6q7zdwIfdNq5RZrr0ynQK5fY6OUxxObwtfjQ8NpuA2_JVBr9Pk1PDZzLtTFYB5Yp6XcQcuTMvYmUjbrVzQhBv6cTYA_9Mv1S7vUdKiVKWM5omS2lwZU4WZxvw2Idy8LLemH7PA8OrPTJAVIIGJXl6ik44qw7OXbosOfkmmv6GWk_zEU2YxW98NclbfXojFAg5xjhmiTexCbbqAN8Ni2ZCgEq3X8PjT9_R2IIdgrB06wmWzHDkxG7wdyO8AE-8HKxKQDkgUECAQYAZIFBAgFGASgBi6AB_6i_64BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEPCLEdIICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi02OTYzMTEzODUyODI2NDQ4&sigh=qnbnKSGmT20&template_id=419&tpd=AGWhJmtdu9LNLAQI7Og8lLXemXC6juxSIs_40Iqckk3cHo9NyA
Frame ID: 8AC799CABA8C43F1066D4EECC1E6C31D
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 8E8E095BE474A71043D82851C5FD625F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: E1B90C9E97BF134E49D49D9FBF94F7F8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
Frame ID: EB7ED97F9BF26259C4E60208EE93E0CF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 45D5801F7F7B75D46A0246BEC436C587
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
Frame ID: C6BCA1767D588811DA8471C9BFE0723C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 9B2A73D09D2289BD55DB3D7A5805FA3B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

89
Requests

87 %
HTTPS

54 %
IPv6

18
Domains

23
Subdomains

21
IPs

5
Countries

1229 kB
Transfer

2663 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://bstemplates.com/
Title: Copyright © 2017-2020

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23794173.267051853;dc_trk_aid=461739501;dc_trk_cid=105894660;ord=1387634820;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23794173.267051853;dc_pre=COL3-sHU2-8CFZqAgwcdcLoHVQ;dc_trk_aid=461739501;dc_trk_cid=105894660;ord=1387634820;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Request Chain 57

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 59

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 77

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUITYLsSAdgy_nHzprraQG0zoZeAWEid0nxGz6X7r_nzfKztqAthnq3Q2yNZxuVIWUFF7PiI8E_R--mZ7TELPnKnAo67GuH9&google_gid=CAESEHCUqs4W1NjptYPFYmd9fH0&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUITYLsSAdgy_nHzprraQG0zoZeAWEid0nxGz6X7r_nzfKztqAthnq3Q2yNZxuVIWUFF7PiI8E_R--mZ7TELPnKnAo67GuH9&google_gid=CAESEHCUqs4W1NjptYPFYmd9fH0&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMzEyMzE0NTM3NDM4Nzk1OTUyOTk1Nw%3D%3D&google_push=AQvitUITYLsSAdgy_nHzprraQG0zoZeAWEid0nxGz6X7r_nzfKztqAthnq3Q2yNZxuVIWUFF7PiI8E_R--mZ7TELPnKnAo67GuH9

Request Chain 78

https://rtb.openx.net/sync/dds?google_gid=CAESEP-xi_rOzkX1fbEPjJQ-HXY&google_cver=1&google_push=AQvitUK5wRJ_pbY3f_UVyNi4_vJSV7K-5gXokxOzcs6BU6G3rUtBm6TIebLbFQlNmqWpIoscnAxF_eB9-OyHm5VUPYI90nuLWgkb HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEP-xi_rOzkX1fbEPjJQ-HXY&google_cver=1&google_push=AQvitUK5wRJ_pbY3f_UVyNi4_vJSV7K-5gXokxOzcs6BU6G3rUtBm6TIebLbFQlNmqWpIoscnAxF_eB9-OyHm5VUPYI90nuLWgkb&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK5wRJ_pbY3f_UVyNi4_vJSV7K-5gXokxOzcs6BU6G3rUtBm6TIebLbFQlNmqWpIoscnAxF_eB9-OyHm5VUPYI90nuLWgkb&google_hm=deJQ1sMCyrQDGJJdJXuiJQ==

Request Chain 79

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELfPGoxD-rOM86NGaO6rKpM&google_cver=1&google_push=AQvitUK7jVM_wFCvbkSKw5yAXmVQJqsVvCVAXLKTU5XPgITZcjbWkEfEDV154RgeBstaJFtIfQviGeSJAeONVSLoBck8DI-Yhoq9 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELfPGoxD-rOM86NGaO6rKpM&google_cver=1&google_push=AQvitUK7jVM_wFCvbkSKw5yAXmVQJqsVvCVAXLKTU5XPgITZcjbWkEfEDV154RgeBstaJFtIfQviGeSJAeONVSLoBck8DI-Yhoq9&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Xr1G5e7zTBSonCyx8e1MBA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUK7jVM_wFCvbkSKw5yAXmVQJqsVvCVAXLKTU5XPgITZcjbWkEfEDV154RgeBstaJFtIfQviGeSJAeONVSLoBck8DI-Yhoq9

Request Chain 80

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIJuRkxHL6JsibD_mWveoFg&google_cver=1&google_push=AQvitULCBYUpFpBUgvEfJw-b5dUU5POXtfEYlNru7fBq2KK_mnl0FXe7RpetUFZu4Q3j9dlAYGN9Tq6Qd-odEzfVclLpugT3b0KH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01ZMkdYWUstOC04S0RR&google_push=AQvitULCBYUpFpBUgvEfJw-b5dUU5POXtfEYlNru7fBq2KK_mnl0FXe7RpetUFZu4Q3j9dlAYGN9Tq6Qd-odEzfVclLpugT3b0KH

Request Chain 81

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBn7MU0ZwQN4mLBp7xRZrpo&google_cver=1&google_push=AQvitUIaARPfJ0Si5CAj-8ZF_D-b9FNN0TUGmcGRlNJf6ElIvNRPPJJO8Wz30VPyljvb9z_SrHNQ4yRYH5OD0W-dUwNfmLYw0_RA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBn7MU0ZwQN4mLBp7xRZrpo&google_push=AQvitUIaARPfJ0Si5CAj-8ZF_D-b9FNN0TUGmcGRlNJf6ElIvNRPPJJO8Wz30VPyljvb9z_SrHNQ4yRYH5OD0W-dUwNfmLYw0_RA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGUCbVLacxRkRXVDh6IFrgAABJEAAAAB&google_push=AQvitUIaARPfJ0Si5CAj-8ZF_D-b9FNN0TUGmcGRlNJf6ElIvNRPPJJO8Wz30VPyljvb9z_SrHNQ4yRYH5OD0W-dUwNfmLYw0_RA&google_cver=1&google_gid=CAESEBn7MU0ZwQN4mLBp7xRZrpo

Request Chain 82

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPEauqhny8xSNHstX4rKN3o&google_cver=1&google_push=AQvitUKN9c-8vrGiF8X1KaB8x_lrvDc-V1ucc9MRkQ67vuMGyMOnJAmwsu1oRE3CD1PlGTJAZMciS-UZOSuocXSXDUm7zTrrlPxhJg HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKN9c-8vrGiF8X1KaB8x_lrvDc-V1ucc9MRkQ67vuMGyMOnJAmwsu1oRE3CD1PlGTJAZMciS-UZOSuocXSXDUm7zTrrlPxhJg&google_hm=

Request Chain 89

http://img.secureserver.net/t/1/tl/event?cts=1617232493158&tce=1617232490591&tcs=1617232490578&tdc=1617232492955&tdclee=1617232492162&tdcles=1617232492161&tdi=1617232492066&tdl=1617232491083&tdle=1617232490578&tdls=1617232490558&tfs=1617232490557&tns=1617232490557&trqs=1617232490591&tre=1617232491746&trps=1617232491080&tles=1617232492955&tlee=1617232492956&ht=perf&dh=www.bstemplates.com&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&vci=2121510105&cv=1.0.6&z=326868812&vg=24ca386d-3158-4e39-b1c8-0ffe12f9451b&vtg=24ca386d-3158-4e39-b1c8-0ffe12f9451b&ap=cpsh&trfd=%7B%22cts%22%3A1617232492066%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22a2plcpnl0945%22%7D&dp=%2F HTTP 301
https://img.secureserver.net/t/1/tl/event?cts=1617232493158&tce=1617232490591&tcs=1617232490578&tdc=1617232492955&tdclee=1617232492162&tdcles=1617232492161&tdi=1617232492066&tdl=1617232491083&tdle=1617232490578&tdls=1617232490558&tfs=1617232490557&tns=1617232490557&trqs=1617232490591&tre=1617232491746&trps=1617232491080&tles=1617232492955&tlee=1617232492956&ht=perf&dh=www.bstemplates.com&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&vci=2121510105&cv=1.0.6&z=326868812&vg=24ca386d-3158-4e39-b1c8-0ffe12f9451b&vtg=24ca386d-3158-4e39-b1c8-0ffe12f9451b&ap=cpsh&trfd=%7B%22cts%22%3A1617232492066%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22a2plcpnl0945%22%7D&dp=%2F

89 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.bstemplates.com/ 179 KB
33 KB 522ms
489ms Document
text/html 107.180.41.251
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bstemplates.com/
Protocol: HTTP/1.1
Server: 107.180.41.251 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-107-180-41-251.ip.secureserver.net
Software: Apache / PHP/7.4.11
Resource Hash: 85558fc448eb18534cb11a66b5552c6ce2f19a1b3b4fa94de92eea68ea69888a

Request headers

Host: www.bstemplates.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 23:14:50 GMT
Server: Apache
X-Powered-By: PHP/7.4.11
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Link: <https://www.bstemplates.com/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 33732
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK css
fonts.googleapis.com/ 8 KB
1 KB 21ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Roboto%3A400%2C400italic%2C700%2C700italic&ver=5.7

Requested by

Host: www.bstemplates.com
URL: http://www.bstemplates.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f6ebf84dd052fa6a29d7531f792e26169195b563b75f45a9681d07310a5eb29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 23:14:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 31 Mar 2021 23:14:51 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Wed, 31 Mar 2021 23:14:51 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 4 KB
1 KB 20ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Oswald%3A400%2C300%2C700&ver=5.7

Requested by

Host: www.bstemplates.com
URL: http://www.bstemplates.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

64869d040d357dc90ef69e3c7025afa56566e27453ef27f76901bd69ff47edd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 23:14:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 31 Mar 2021 22:19:36 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Wed, 31 Mar 2021 23:14:51 GMT

GET
H/1.1 200
OK jquery.min.js Show response
www.bstemplates.com/wp-includes/js/jquery/ 87 KB
31 KB 194ms
180ms Script
application/javascript 107.180.41.251
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bstemplates.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: www.bstemplates.com
URL: http://www.bstemplates.com/
Protocol: HTTP/1.1
Server: 107.180.41.251 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-107-180-41-251.ip.secureserver.net
Software: Apache /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 23:14:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Oct 2020 16:33:25 GMT
Server: Apache
ETag: "b363a47-15d98-5b11746475f40-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Cache-Control: max-age=2592000
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5
Content-Length: 30916
Expires: Fri, 30 Apr 2021 23:14:51 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.bstemplates.com/wp-includes/js/ 14 KB
5 KB 188ms
174ms Script
application/javascript 107.180.41.251
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bstemplates.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7
Requested by: Host: www.bstemplates.com
URL: http://www.bstemplates.com/
Protocol: HTTP/1.1
Server: 107.180.41.251 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-107-180-41-251.ip.secureserver.net
Software: Apache /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 23:14:51 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Jan 2021 15:18:33 GMT
Server: Apache
ETag: "b363add-3795-5b9cf2aeb8440-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Cache-Control: max-age=2592000
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5
Content-Length: 4662
Expires: Fri, 30 Apr 2021 23:14:51 GMT

GET
H2 200 bs-logo.png
www.bstemplates.com/wp-content/uploads/2018/04/ 1 KB
2 KB 281ms
94ms Image
image/png 107.180.41.251
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bstemplates.com/wp-content/uploads/2018/04/bs-logo.png
Requested by: Host: www.bstemplates.com
URL: http://www.bstemplates.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.41.251 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-107-180-41-251.ip.secureserver.net
Software: Apache /
Resource Hash: ac80e0acc90189e5d22b0d1fe4b89c163c653f7a572431ca4a8d8e2991cf61c0

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:14:52 GMT
last-modified: Thu, 05 Apr 2018 04:15:00 GMT
server: Apache
etag: "b3600e9-5a0-569122edb3900"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1440
expires: Thu, 31 Mar 2022 23:14:52 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 38ms
31ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.bstemplates.com
URL: http://www.bstemplates.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d83607d271d287418fdb2b503d0d282c0cdf91c6b3c8c574d3dc4e3674d8b6eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Wed, 31 Mar 2021 23:14:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 4916182422922681706
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 47643
X-XSS-Protection: 0
Expires: Wed, 31 Mar 2021 23:14:52 GMT

GET
H/1.1 200
OK autoptimize_d5c8ef91d68d088423c1569729aeca4a.php Show response
www.bstemplates.com/wp-content/cache/autoptimize/ 57 KB
18 KB 129ms
129ms Script
text/javascript 107.180.41.251
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bstemplates.com/wp-content/cache/autoptimize/autoptimize_d5c8ef91d68d088423c1569729aeca4a.php
Requested by: Host: www.bstemplates.com
URL: http://www.bstemplates.com/
Protocol: HTTP/1.1
Server: 107.180.41.251 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-107-180-41-251.ip.secureserver.net
Software: Apache / PHP/7.4.11
Resource Hash: 66417197be82b962dd092ee1386bcdb9c50aee71c678ec43fab753e889487581

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 23:14:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Feb 2021 00:42:53 GMT
Server: Apache
X-Powered-By: PHP/7.4.11
ETag: 7a46a8ad90634e47458e74ff25fa45d2
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=30672000, public, immutable, public, immutable
Connection: Keep-Alive
Keep-Alive: timeout=5
Content-Length: 17579
Expires: Mon, 21 Mar 2022 23:14:52 GMT

GET
H2 200 tcc_l.combined.1.0.6.min.js Show response
img1.wsimg.com/tcc/ 12 KB
5 KB 125ms
35ms Script
application/x-javascript 84.53.161.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
Requested by: Host: www.bstemplates.com
URL: http://www.bstemplates.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.53.161.82 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a84-53-161-82.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: aa5c1ec4d2ea00eb517eadeb3b65e55b577b7a5ed42d7c2611d15d9050c18350

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:14:52 GMT
content-encoding: gzip
last-modified: Fri, 31 Mar 2017 16:26:41 GMT
etag: "52ef5c943baad21:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 4564
expires: Thu, 31 Mar 2022 23:14:52 GMT

GET
H/1.1 404
Not Found smallbs.png
www.bstemplates.com/wp-content/uploads/2018/04/ 3 KB
3 KB 394ms
394ms Image
text/html 107.180.41.251
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.bstemplates.com/wp-content/uploads/2018/04/smallbs.png
Requested by: Host: www.bstemplates.com
URL: http://www.bstemplates.com/
Protocol: HTTP/1.1
Server: 107.180.41.251 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-107-180-41-251.ip.secureserver.net
Software: Apache / PHP/7.4.11
Resource Hash: 5dc44f3f40193a73ef94a6be2e233d018caf5398c2796d958c48908d6de3c165

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Mar 2021 23:14:52 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/7.4.11
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <https://www.bstemplates.com/wp-json/>; rel="https://api.w.org/"
Content-Length: 30791
Keep-Alive: timeout=5
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
16 KB 13ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto%3A400%2C400italic%2C700%2C700italic&ver=5.7

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.bstemplates.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 14:36:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Jul 2019 01:18:36 GMT
Server: sffe
Age: 549474
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 15736
X-XSS-Protection: 0
Expires: Fri, 25 Mar 2022 14:36:58 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff
www.bstemplates.com/wp-content/themes/flymag/fonts/ 82 KB
82 KB 144ms
142ms Font
font/woff 107.180.41.251
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bstemplates.com/wp-content/themes/flymag/fonts/fontawesome-webfont.woff?v=4.1.0
Requested by: Host: www.bstemplates.com
URL: http://www.bstemplates.com/
Protocol: HTTP/1.1
Server: 107.180.41.251 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-107-180-41-251.ip.secureserver.net
Software: Apache /
Resource Hash: 66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

Request headers

Origin: http://www.bstemplates.com
Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 23:14:52 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Dec 2018 05:14:31 GMT
Server: Apache
ETag: "b361026-14730-57c2b57247bc0-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: font/woff
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Expires: Fri, 30 Apr 2021 23:14:52 GMT

GET
H/1.1 200
OK TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v36/ 31 KB
31 KB 12ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/oswald/v36/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Oswald%3A400%2C300%2C700&ver=5.7

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.bstemplates.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 27 Mar 2021 10:37:29 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 28 Jan 2021 20:31:39 GMT
Server: sffe
Age: 391043
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 31676
X-XSS-Protection: 0
Expires: Sun, 27 Mar 2022 10:37:29 GMT

GET
H/1.1 200
OK KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
16 KB 12ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto%3A400%2C400italic%2C700%2C700italic&ver=5.7

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.bstemplates.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 Mar 2021 11:41:25 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Jul 2019 01:19:00 GMT
Server: sffe
Age: 473607
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 15816
X-XSS-Protection: 0
Expires: Sat, 26 Mar 2022 11:41:25 GMT

GET
H2 200 business_startup_checklist_templates_samples_examples.png
www.bstemplates.com/wp-content/uploads/2020/10/ 7 KB
8 KB 244ms
111ms Image
image/png 107.180.41.251
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bstemplates.com/wp-content/uploads/2020/10/business_startup_checklist_templates_samples_examples.png
Requested by: Host: www.bstemplates.com
URL: http://www.bstemplates.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.41.251 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-107-180-41-251.ip.secureserver.net
Software: Apache /
Resource Hash: 11cd18037aeb508e7f07ed72466ad8c0713a4a4ed224dd2dcdd865d9ee2003d2

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:14:52 GMT
last-modified: Tue, 06 Oct 2020 03:54:07 GMT
server: Apache
etag: "b362ddc-1da2-5b0f88cfc5728"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7586
expires: Thu, 31 Mar 2022 23:14:52 GMT

GET
H2 200 supply_request_form_template_excel.png
www.bstemplates.com/wp-content/uploads/2020/10/ 9 KB
9 KB 244ms
111ms Image
image/png 107.180.41.251
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bstemplates.com/wp-content/uploads/2020/10/supply_request_form_template_excel.png
Requested by: Host: www.bstemplates.com
URL: http://www.bstemplates.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.41.251 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-107-180-41-251.ip.secureserver.net
Software: Apache /
Resource Hash: 1496bf8e587cc8790ceb764e38e9fe9b6826f6f6553e6fa4427a1ed897932e32

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:14:52 GMT
last-modified: Tue, 06 Oct 2020 03:44:49 GMT
server: Apache
etag: "b362dc0-23eb-5b0f86bc0d5e5"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9195
expires: Thu, 31 Mar 2022 23:14:52 GMT

GET
H2 200 annual_budget_templates_excel.png
www.bstemplates.com/wp-content/uploads/2020/10/ 89 KB
89 KB 239ms
107ms Image
image/png 107.180.41.251
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bstemplates.com/wp-content/uploads/2020/10/annual_budget_templates_excel.png
Requested by: Host: www.bstemplates.com
URL: http://www.bstemplates.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.41.251 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-107-180-41-251.ip.secureserver.net
Software: Apache /
Resource Hash: e042a3c7bb03aaa0ec1f7df629f6e6e40ac812933caa2786776ad9feba30e29f

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:14:52 GMT
last-modified: Tue, 06 Oct 2020 03:31:03 GMT
server: Apache
etag: "b362daf-16301-5b0f83a876c52"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 90881
expires: Thu, 31 Mar 2022 23:14:52 GMT

GET
H2 200 employee_information_forms_templates.png
www.bstemplates.com/wp-content/uploads/2020/10/ 73 KB
73 KB 243ms
111ms Image
image/png 107.180.41.251
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bstemplates.com/wp-content/uploads/2020/10/employee_information_forms_templates.png
Requested by: Host: www.bstemplates.com
URL: http://www.bstemplates.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.41.251 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-107-180-41-251.ip.secureserver.net
Software: Apache /
Resource Hash: 3688a3928a4b8ff28357bbecb83be9eb6fce6cda3810a83cfc42265806d6519c

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:14:52 GMT
last-modified: Tue, 06 Oct 2020 03:17:57 GMT
server: Apache
etag: "b362d9f-12264-5b0f80badeb93"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 74340
expires: Thu, 31 Mar 2022 23:14:52 GMT

GET
H2 200 forecasting_report_templates-820x483.png
www.bstemplates.com/wp-content/uploads/2020/10/ 36 KB
36 KB 230ms
98ms Image
image/png 107.180.41.251
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bstemplates.com/wp-content/uploads/2020/10/forecasting_report_templates-820x483.png
Requested by: Host: www.bstemplates.com
URL: http://www.bstemplates.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.41.251 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-107-180-41-251.ip.secureserver.net
Software: Apache /
Resource Hash: 536c94880156880ae36faa340eb85ffe803de8e002238ba92d73ff3f669867ff

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:14:52 GMT
last-modified: Mon, 05 Oct 2020 11:30:55 GMT
server: Apache
etag: "b362d98-8fda-5b0ead0d090a3"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 36826
expires: Thu, 31 Mar 2022 23:14:52 GMT

GET
H2 200 risk_assessment_form_templates_examples_samples.png
www.bstemplates.com/wp-content/uploads/2020/10/ 12 KB
12 KB 166ms
166ms Image
image/png 107.180.41.251
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bstemplates.com/wp-content/uploads/2020/10/risk_assessment_form_templates_examples_samples.png
Requested by: Host: www.bstemplates.com
URL: http://www.bstemplates.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.41.251 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-107-180-41-251.ip.secureserver.net
Software: Apache /
Resource Hash: 93e565cfd1802716c2e21b99b8e42b0f9b3cd4f5b4fdc698bfee5b21b62f6862

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:14:52 GMT
last-modified: Mon, 05 Oct 2020 11:20:38 GMT
server: Apache
etag: "b362d7c-3150-5b0eaac0c8a8c"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12624
expires: Thu, 31 Mar 2022 23:14:52 GMT

GET
H2 200 training_report_templates_excel.png
www.bstemplates.com/wp-content/uploads/2020/10/ 57 KB
57 KB 108ms
108ms Image
image/png 107.180.41.251
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bstemplates.com/wp-content/uploads/2020/10/training_report_templates_excel.png
Requested by: Host: www.bstemplates.com
URL: http://www.bstemplates.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.41.251 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-107-180-41-251.ip.secureserver.net
Software: Apache /
Resource Hash: 7353845f03aa2b8c6be57fa2e915bbd9bb45a3c24cef76703c9944d916e65c2a

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:14:52 GMT
last-modified: Mon, 05 Oct 2020 11:10:09 GMT
server: Apache
etag: "b362d67-e3d0-5b0ea8682b135"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 58320
expires: Thu, 31 Mar 2022 23:14:52 GMT

GET
H2 200 product_feedback_form_template_sample_example.png
www.bstemplates.com/wp-content/uploads/2020/10/ 9 KB
9 KB 167ms
166ms Image
image/png 107.180.41.251
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bstemplates.com/wp-content/uploads/2020/10/product_feedback_form_template_sample_example.png
Requested by: Host: www.bstemplates.com
URL: http://www.bstemplates.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.41.251 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-107-180-41-251.ip.secureserver.net
Software: Apache /
Resource Hash: 33ca3c4103edde6e316bdaf92c39e1a97242e6e3e2e48d11fae62d89d21502bf

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:14:52 GMT
last-modified: Mon, 05 Oct 2020 10:54:08 GMT
server: Apache
etag: "b362d5c-2369-5b0ea4d3f7eb6"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9065
expires: Thu, 31 Mar 2022 23:14:52 GMT

GET
H2 200 employee_attendance_sheet_excel_templates.png
www.bstemplates.com/wp-content/uploads/2020/10/ 84 KB
85 KB 167ms
166ms Image
image/png 107.180.41.251
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bstemplates.com/wp-content/uploads/2020/10/employee_attendance_sheet_excel_templates.png
Requested by: Host: www.bstemplates.com
URL: http://www.bstemplates.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.41.251 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-107-180-41-251.ip.secureserver.net
Software: Apache /
Resource Hash: 4586eb6479ce4f4fc71a7f5fe7713f0cc48734e793b138050c88df23f406bf2a

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:14:52 GMT
last-modified: Sun, 04 Oct 2020 22:29:40 GMT
server: Apache
etag: "b362d3e-150f1-5b0dfe6d5e580"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 86257
expires: Thu, 31 Mar 2022 23:14:52 GMT

GET
H2 200 visitor_register_templates_excel.png
www.bstemplates.com/wp-content/uploads/2020/10/ 9 KB
9 KB 167ms
166ms Image
image/png 107.180.41.251
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bstemplates.com/wp-content/uploads/2020/10/visitor_register_templates_excel.png
Requested by: Host: www.bstemplates.com
URL: http://www.bstemplates.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.41.251 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-107-180-41-251.ip.secureserver.net
Software: Apache /
Resource Hash: ff9a44dbabe56ea896bf1a287af6ac3b6b18309f142116b49790cdded4e6386f

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:14:52 GMT
last-modified: Sun, 04 Oct 2020 21:32:46 GMT
server: Apache
etag: "b362d27-23b5-5b0df1b553559"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9141
expires: Thu, 31 Mar 2022 23:14:52 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/ 227 KB
85 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6963113852826448&plah=www.bstemplates.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

311e18f635513141cf583a4fa0ac2828f450c8197eb57853475194676faaebe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86637
x-xss-protection: 0
server: cafe
etag: 7600525576280132900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 31 Mar 2021 23:14:52 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210329/r20190131/ Frame 17CF 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210329/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ee8a97200cf0e24af175070d017d0bdabe6c619ede7bf7c5585e90de0f39798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210329/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.bstemplates.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.bstemplates.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 31 Mar 2021 22:40:42 GMT
expires: Wed, 14 Apr 2021 22:40:42 GMT
content-type: text/html; charset=UTF-8
etag: 13254444762018554669
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4647
x-xss-protection: 0
age: 2050
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
645 B 112ms
56ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bstemplates.com&callback=_gfp_s_&client=ca-pub-6963113852826448

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6963113852826448&plah=www.bstemplates.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

083f846c691517af0d69055c0f01d5cf7bc48dcd2c043561cf56fd2a282e1683

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 34ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bstemplates.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Mar 2021 23:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bstemplates.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Mar 2021 23:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 80A5 58 KB
21 KB 439ms
424ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6963113852826448&output=html&h=600&slotname=3258122610&adk=2342618132&adf=1267930685&pi=t.ma~as.3258122610&w=300&lmt=1617232492&psa=0&format=300x600&url=http%3A%2F%2Fwww.bstemplates.com%2F&flash=0&wgl=1&dt=1617232492075&bpp=11&bdt=991&idt=57&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7486171768381&frm=20&pv=2&ga_vid=1382153041.1617232492&ga_sid=1617232492&ga_hid=1404116518&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1083&ady=745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C182982300%2C44740079%2C44739387&oid=3&pvsid=1936198856397634&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=RF0h3rUYtg&p=http%3A//www.bstemplates.com&dtd=73

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6e4355a417e3d3712ef0d2b4b5588a8dd1f4206703f68171e7a0a9ef41468ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6963113852826448&output=html&h=600&slotname=3258122610&adk=2342618132&adf=1267930685&pi=t.ma~as.3258122610&w=300&lmt=1617232492&psa=0&format=300x600&url=http%3A%2F%2Fwww.bstemplates.com%2F&flash=0&wgl=1&dt=1617232492075&bpp=11&bdt=991&idt=57&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7486171768381&frm=20&pv=2&ga_vid=1382153041.1617232492&ga_sid=1617232492&ga_hid=1404116518&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1083&ady=745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C182982300%2C44740079%2C44739387&oid=3&pvsid=1936198856397634&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=RF0h3rUYtg&p=http%3A//www.bstemplates.com&dtd=73
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.bstemplates.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.bstemplates.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 31 Mar 2021 23:14:52 GMT
server: cafe
content-length: 21349
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 31-Mar-2021 23:29:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 31 Mar 2021 23:14:52 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017733465819"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28245
x-xss-protection: 0
expires: Wed, 31 Mar 2021 23:14:52 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5E51 15 KB
2 KB 119ms
112ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6963113852826448&output=html&adk=1812271804&adf=3025194257&lmt=1617232492&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.bstemplates.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1617232492086&bpp=2&bdt=1003&idt=68&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&nras=1&correlator=7486171768381&frm=20&pv=1&ga_vid=1382153041.1617232492&ga_sid=1617232492&ga_hid=1404116518&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C182982300%2C44740079%2C44739387&oid=3&pvsid=1936198856397634&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=72

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1368f081f0477d84378d53d42c30a89fffd3758d00aef98f44137c81782323b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6963113852826448&output=html&adk=1812271804&adf=3025194257&lmt=1617232492&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.bstemplates.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1617232492086&bpp=2&bdt=1003&idt=68&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&nras=1&correlator=7486171768381&frm=20&pv=1&ga_vid=1382153041.1617232492&ga_sid=1617232492&ga_hid=1404116518&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C182982300%2C44740079%2C44739387&oid=3&pvsid=1936198856397634&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=72
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.bstemplates.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.bstemplates.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 31 Mar 2021 23:14:52 GMT
server: cafe
content-length: 1197
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 31-Mar-2021 23:29:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 31 Mar 2021 23:14:52 GMT
cache-control: private

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
777 B 36ms
22ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bstemplates.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Mar 2021 23:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 44ms
29ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bstemplates.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Mar 2021 23:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DE3F 69 KB
24 KB 465ms
465ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6963113852826448&output=html&h=280&adk=1377720917&adf=639192016&pi=t.aa~a.2004663329~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617232492&rafmt=1&to=qs&pwprc=4683591317&psa=0&format=360x280&url=http%3A%2F%2Fwww.bstemplates.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617232492298&bpp=1&bdt=1215&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1b46b80d9fba930-221dcd15edba000d%3AT%3D1617232492%3ART%3D1617232492%3AS%3DALNI_MZwDKi1hKQhJ4Rf117VpELttOMRFQ&prev_fmts=300x600%2C0x0&nras=2&correlator=7486171768381&frm=20&pv=1&ga_vid=1382153041.1617232492&ga_sid=1617232492&ga_hid=1404116518&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=2232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C182982300%2C44740079%2C44739387&oid=3&pvsid=1936198856397634&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=omsUCJpbPc&p=http%3A//www.bstemplates.com&dtd=7

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfab2e61669df8529f9db9b4c12b84a3b07561b33c36b5b3bf771412896a5e54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6963113852826448&output=html&h=280&adk=1377720917&adf=639192016&pi=t.aa~a.2004663329~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617232492&rafmt=1&to=qs&pwprc=4683591317&psa=0&format=360x280&url=http%3A%2F%2Fwww.bstemplates.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617232492298&bpp=1&bdt=1215&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1b46b80d9fba930-221dcd15edba000d%3AT%3D1617232492%3ART%3D1617232492%3AS%3DALNI_MZwDKi1hKQhJ4Rf117VpELttOMRFQ&prev_fmts=300x600%2C0x0&nras=2&correlator=7486171768381&frm=20&pv=1&ga_vid=1382153041.1617232492&ga_sid=1617232492&ga_hid=1404116518&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=2232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C182982300%2C44740079%2C44739387&oid=3&pvsid=1936198856397634&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=omsUCJpbPc&p=http%3A//www.bstemplates.com&dtd=7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.bstemplates.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.bstemplates.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 31 Mar 2021 23:14:52 GMT
server: cafe
content-length: 24280
x-xss-protection: 0
set-cookie: IDE=AHWqTUm1ymtCr7u1XSsADBujfO8tsvXE-f4rGZyxdALMy669K7gT_P8KIV1yrpp-Osg; expires=Mon, 25-Apr-2022 23:14:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 31 Mar 2021 23:14:52 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A83F 100 KB
33 KB 289ms
288ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6963113852826448&output=html&h=200&adk=1439195881&adf=3881226168&pi=t.aa~a.573379464~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617232492&rafmt=1&to=qs&pwprc=4683591317&psa=0&format=360x200&url=http%3A%2F%2Fwww.bstemplates.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617232492298&bpp=1&bdt=1215&idt=1&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1b46b80d9fba930-221dcd15edba000d%3AT%3D1617232492%3ART%3D1617232492%3AS%3DALNI_MZwDKi1hKQhJ4Rf117VpELttOMRFQ&prev_fmts=300x600%2C0x0%2C360x280&nras=3&correlator=7486171768381&frm=20&pv=1&ga_vid=1382153041.1617232492&ga_sid=1617232492&ga_hid=1404116518&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=2910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C182982300%2C44740079%2C44739387&oid=3&pvsid=1936198856397634&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Xc5ImZ6Xo4&p=http%3A//www.bstemplates.com&dtd=10

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19063e5998e2513ed3254df05b2eeff24d3de6675cbbfcc3f3492ae08c99c176

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11718045947812002883/300x250_Performance_Stock_CYSEC/300x250_Performance_Stock_CYSEC.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11718045947812002883/300x250_Performance_Stock_CYSEC/300x250_Performance_Stock_CYSEC.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMbW5cHU2-8CFWvJuwgd9W0G9A&gqi=bAJlYLCwE4zC7_UPifOnkAc&layout=/sadbundle/%24csp%253Der3%24/11718045947812002883/300x250_Performance_Stock_CYSEC/300x250_Performance_Stock_CYSEC.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6963113852826448&output=html&h=200&adk=1439195881&adf=3881226168&pi=t.aa~a.573379464~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617232492&rafmt=1&to=qs&pwprc=4683591317&psa=0&format=360x200&url=http%3A%2F%2Fwww.bstemplates.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617232492298&bpp=1&bdt=1215&idt=1&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1b46b80d9fba930-221dcd15edba000d%3AT%3D1617232492%3ART%3D1617232492%3AS%3DALNI_MZwDKi1hKQhJ4Rf117VpELttOMRFQ&prev_fmts=300x600%2C0x0%2C360x280&nras=3&correlator=7486171768381&frm=20&pv=1&ga_vid=1382153041.1617232492&ga_sid=1617232492&ga_hid=1404116518&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=2910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C182982300%2C44740079%2C44739387&oid=3&pvsid=1936198856397634&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Xc5ImZ6Xo4&p=http%3A//www.bstemplates.com&dtd=10
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.bstemplates.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.bstemplates.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11718045947812002883/300x250_Performance_Stock_CYSEC/300x250_Performance_Stock_CYSEC.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11718045947812002883/300x250_Performance_Stock_CYSEC/300x250_Performance_Stock_CYSEC.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMbW5cHU2-8CFWvJuwgd9W0G9A&gqi=bAJlYLCwE4zC7_UPifOnkAc&layout=/sadbundle/%24csp%253Der3%24/11718045947812002883/300x250_Performance_Stock_CYSEC/300x250_Performance_Stock_CYSEC.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 31 Mar 2021 23:14:52 GMT
server: cafe
content-length: 32763
x-xss-protection: 0
set-cookie: IDE=AHWqTUkiOqu4TsvTgMIjGcvg4qRgFBoJM62VW4I_YDyVs_rOLMCJit5nwrszKQlxdUA; expires=Mon, 25-Apr-2022 23:14:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 31 Mar 2021 23:14:52 GMT
cache-control: private

GET
H2 200 15062632271734362417
tpc.googlesyndication.com/simgad/ Frame 80A5 26 KB
26 KB 32ms
8ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15062632271734362417?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnxQiF0nh49mmUpc0t3GTXgfcMQxg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6963113852826448&output=html&h=600&slotname=3258122610&adk=2342618132&adf=1267930685&pi=t.ma~as.3258122610&w=300&lmt=1617232492&psa=0&format=300x600&url=http%3A%2F%2Fwww.bstemplates.com%2F&flash=0&wgl=1&dt=1617232492075&bpp=11&bdt=991&idt=57&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7486171768381&frm=20&pv=2&ga_vid=1382153041.1617232492&ga_sid=1617232492&ga_hid=1404116518&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1083&ady=745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C182982300%2C44740079%2C44739387&oid=3&pvsid=1936198856397634&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=RF0h3rUYtg&p=http%3A//www.bstemplates.com&dtd=73

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88706120bcc17d5f3be0bb5ddb68ac9ec3431c0784b6792982595cb6d03ebf23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 19:05:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 Sep 2018 18:18:44 GMT
server: sffe
age: 14954
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26291
x-xss-protection: 0
expires: Thu, 31 Mar 2022 19:05:38 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/ Frame 80A5 17 KB
7 KB 38ms
14ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36b3f5a93d27d7519d736f048f2bf91c98c39620ca8795152c0b8286040cc975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 22:41:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 12304503248286081012
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Apr 2021 22:41:20 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame 80A5 2 KB
1 KB 39ms
18ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 543
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Apr 2021 23:05:49 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 80A5 118 KB
36 KB 45ms
30ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Wed, 31 Mar 2021 23:14:52 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame 80A5 13 KB
6 KB 39ms
18ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 784
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Apr 2021 23:01:48 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame 80A5 25 KB
11 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f08484455172d31ef5c551a8228f73cd46f334707d09677aa3e53d73483a8c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 23:59:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83693
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10479
x-xss-protection: 0
server: cafe
etag: 5380568613746674957
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Apr 2021 23:59:59 GMT

GET
H3-Q050

200

B23794173.267051853;dc_pre=COL3-sHU2-8CFZqAgwcdcLoHVQ;dc_trk_aid=461739501;dc_trk_cid=105894660;ord=1387634820;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= Show response
ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/ Frame 80A5
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23794173.267051853;dc_trk_aid=461739501;dc_trk_cid=105894660;ord=1387634820;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23794173.267051853;dc_pre=COL3-sHU2-8CFZqAgwcdcLoHVQ;dc_trk_aid=461739501;dc_trk_cid=105894660;ord=1387634820;dc_lat=;dc_rdid=;tag...

42 B
515 B

80ms
48ms

Fetch
image/gif

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23794173.267051853;dc_pre=COL3-sHU2-8CFZqAgwcdcLoHVQ;dc_trk_aid=461739501;dc_trk_cid=105894660;ord=1387634820;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 23:14:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 31 Mar 2021 23:14:52 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23794173.267051853;dc_pre=COL3-sHU2-8CFZqAgwcdcLoHVQ;dc_trk_aid=461739501;dc_trk_cid=105894660;ord=1387634820;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 80A5 0
0 45ms
44ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CeKXDbAJlYIztC8eQ7_UPxfC2qA7W8KLhYdTtnNSZDaj_u-W5EhABIKnt3SRglQKgAe_1jtsDyAECqAMByAPJBKoEywFP0CZXWp4Eu814FyUSKbpgyU_mVLJw463KNCYPzlj7t6qnarmGljwkJsphdc00v9uVLC56h3erXxxzOkBJaAQ2aMaO8U2jXYYcGQhqnW4vgS9N2ZOHpq2APu_VlAkuuxUByQA0qsTEEQ1PYS0aBIbst4-eKa4djQ_NFJNcZv0y4OSnllB6JYlvXnPViRtPwYMz_L-PhH1TRqTDgLss-d4wY8R7swrQ4UJTCHV-1kgYDvY3kN55hziwROMAjkw6NpB4i_Rhv6qH-6j-SsAEmL-vmKICkgUECAQYAZIFBAgFGASgBgKAB562mymoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwUQxILaAdIICQiA4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXGgoYCAASFHB1Yi02OTYzMTEzODUyODI2NDQ4&sigh=wD-LksqFEH0&tpd=AGWhJmsDVUno8ncpTs-UKfko3RwdmfIXrKva8cPw3X-pNqKBcA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6963113852826448&output=html&h=600&slotname=3258122610&adk=2342618132&adf=1267930685&pi=t.ma~as.3258122610&w=300&lmt=1617232492&psa=0&format=300x600&url=http%3A%2F%2Fwww.bstemplates.com%2F&flash=0&wgl=1&dt=1617232492075&bpp=11&bdt=991&idt=57&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7486171768381&frm=20&pv=2&ga_vid=1382153041.1617232492&ga_sid=1617232492&ga_hid=1404116518&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1083&ady=745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C182982300%2C44740079%2C44739387&oid=3&pvsid=1936198856397634&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=RF0h3rUYtg&p=http%3A//www.bstemplates.com&dtd=73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 31 Mar 2021 23:14:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 300x250_Performance_Stock_CYSEC.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11718045947812002883/300x250_Performance_Stock_CYSEC/ Frame A73D 376 KB
46 KB 17ms
16ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11718045947812002883/300x250_Performance_Stock_CYSEC/300x250_Performance_Stock_CYSEC.html

Requested by

Host: www.bstemplates.com
URL: http://www.bstemplates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a4c6cd3eade63c30c1b28dde23349887fa726430fe1de72ac17b595a2c45863

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/11718045947812002883/300x250_Performance_Stock_CYSEC/300x250_Performance_Stock_CYSEC.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Mon, 29 Mar 2021 05:45:28 GMT
expires: Tue, 29 Mar 2022 05:45:28 GMT
last-modified: Mon, 15 Mar 2021 05:20:20 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 46163
age: 235764
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8AC7 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2xVybAJlYMbwE-uS7_UP9duZoA-v2IP1YY2CzJWkDYXdo6fZAhABIKnt3SRglQKgAercgNECyAEJqQL6_9Q3d4-pPqgDAcgDSKoE0QFP0GhZEnSUGRmI7b4tY-k4yhsC_KuTY6q7zdwIfdNq5RZrr0ynQK5fY6OUxxObwtfjQ8NpuA2_JVBr9Pk1PDZzLtTFYB5Yp6XcQcuTMvYmUjbrVzQhBv6cTYA_9Mv1S7vUdKiVKWM5omS2lwZU4WZxvw2Idy8LLemH7PA8OrPTJAVIIGJXl6ik44qw7OXbosOfkmmv6GWk_zEU2YxW98NclbfXojFAg5xjhmiTexCbbqAN8Ni2ZCgEq3X8PjT9_R2IIdgrB06wmWzHDkxG7wdyO8AE-8HKxKQDkgUECAQYAZIFBAgFGASgBi6AB_6i_64BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEPCLEdIICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi02OTYzMTEzODUyODI2NDQ4&sigh=qnbnKSGmT20&template_id=419&tpd=AGWhJmtdu9LNLAQI7Og8lLXemXC6juxSIs_40Iqckk3cHo9NyA

Requested by

Host: www.bstemplates.com
URL: http://www.bstemplates.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6963113852826448&output=html&h=200&adk=1439195881&adf=3881226168&pi=t.aa~a.573379464~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617232492&rafmt=1&to=qs&pwprc=4683591317&psa=0&format=360x200&url=http%3A%2F%2Fwww.bstemplates.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617232492298&bpp=1&bdt=1215&idt=1&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1b46b80d9fba930-221dcd15edba000d%3AT%3D1617232492%3ART%3D1617232492%3AS%3DALNI_MZwDKi1hKQhJ4Rf117VpELttOMRFQ&prev_fmts=300x600%2C0x0%2C360x280&nras=3&correlator=7486171768381&frm=20&pv=1&ga_vid=1382153041.1617232492&ga_sid=1617232492&ga_hid=1404116518&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=2910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C182982300%2C44740079%2C44739387&oid=3&pvsid=1936198856397634&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Xc5ImZ6Xo4&p=http%3A//www.bstemplates.com&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 31 Mar 2021 23:14:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/ Frame 8AC7 17 KB
7 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6963113852826448&output=html&h=200&adk=1439195881&adf=3881226168&pi=t.aa~a.573379464~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617232492&rafmt=1&to=qs&pwprc=4683591317&psa=0&format=360x200&url=http%3A%2F%2Fwww.bstemplates.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617232492298&bpp=1&bdt=1215&idt=1&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1b46b80d9fba930-221dcd15edba000d%3AT%3D1617232492%3ART%3D1617232492%3AS%3DALNI_MZwDKi1hKQhJ4Rf117VpELttOMRFQ&prev_fmts=300x600%2C0x0%2C360x280&nras=3&correlator=7486171768381&frm=20&pv=1&ga_vid=1382153041.1617232492&ga_sid=1617232492&ga_hid=1404116518&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=2910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C182982300%2C44740079%2C44739387&oid=3&pvsid=1936198856397634&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Xc5ImZ6Xo4&p=http%3A//www.bstemplates.com&dtd=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36b3f5a93d27d7519d736f048f2bf91c98c39620ca8795152c0b8286040cc975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 22:41:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 12304503248286081012
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Apr 2021 22:41:20 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame 8AC7 2 KB
1 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 543
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Apr 2021 23:05:49 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8AC7 118 KB
36 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Wed, 31 Mar 2021 23:14:52 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame 8AC7 13 KB
6 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 784
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Apr 2021 23:01:48 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8AC7 0
0 14ms
14ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ0rrtDyBhFQ5xJLyEzi1CkqjLJcZzoOwhFqC7Dg0Ht2xjs3qkM3lZ5WfP-BrVnFZYaohXsxVaYtbg6u6-75fbyhPsYxw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6963113852826448&output=html&h=200&adk=1439195881&adf=3881226168&pi=t.aa~a.573379464~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617232492&rafmt=1&to=qs&pwprc=4683591317&psa=0&format=360x200&url=http%3A%2F%2Fwww.bstemplates.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617232492298&bpp=1&bdt=1215&idt=1&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1b46b80d9fba930-221dcd15edba000d%3AT%3D1617232492%3ART%3D1617232492%3AS%3DALNI_MZwDKi1hKQhJ4Rf117VpELttOMRFQ&prev_fmts=300x600%2C0x0%2C360x280&nras=3&correlator=7486171768381&frm=20&pv=1&ga_vid=1382153041.1617232492&ga_sid=1617232492&ga_hid=1404116518&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=2910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C182982300%2C44740079%2C44739387&oid=3&pvsid=1936198856397634&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Xc5ImZ6Xo4&p=http%3A//www.bstemplates.com&dtd=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8E8E 143 B
220 B 7ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6963113852826448&output=html&h=600&slotname=3258122610&adk=2342618132&adf=1267930685&pi=t.ma~as.3258122610&w=300&lmt=1617232492&psa=0&format=300x600&url=http%3A%2F%2Fwww.bstemplates.com%2F&flash=0&wgl=1&dt=1617232492075&bpp=11&bdt=991&idt=57&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7486171768381&frm=20&pv=2&ga_vid=1382153041.1617232492&ga_sid=1617232492&ga_hid=1404116518&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1083&ady=745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C182982300%2C44740079%2C44739387&oid=3&pvsid=1936198856397634&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=RF0h3rUYtg&p=http%3A//www.bstemplates.com&dtd=73
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkiOqu4TsvTgMIjGcvg4qRgFBoJM62VW4I_YDyVs_rOLMCJit5nwrszKQlxdUA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6963113852826448&output=html&h=600&slotname=3258122610&adk=2342618132&adf=1267930685&pi=t.ma~as.3258122610&w=300&lmt=1617232492&psa=0&format=300x600&url=http%3A%2F%2Fwww.bstemplates.com%2F&flash=0&wgl=1&dt=1617232492075&bpp=11&bdt=991&idt=57&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7486171768381&frm=20&pv=2&ga_vid=1382153041.1617232492&ga_sid=1617232492&ga_hid=1404116518&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1083&ady=745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C182982300%2C44740079%2C44739387&oid=3&pvsid=1936198856397634&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=RF0h3rUYtg&p=http%3A//www.bstemplates.com&dtd=73

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 31 Mar 2021 22:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3092
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E1B9 143 B
165 B 6ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6963113852826448&output=html&h=200&adk=1439195881&adf=3881226168&pi=t.aa~a.573379464~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617232492&rafmt=1&to=qs&pwprc=4683591317&psa=0&format=360x200&url=http%3A%2F%2Fwww.bstemplates.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617232492298&bpp=1&bdt=1215&idt=1&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1b46b80d9fba930-221dcd15edba000d%3AT%3D1617232492%3ART%3D1617232492%3AS%3DALNI_MZwDKi1hKQhJ4Rf117VpELttOMRFQ&prev_fmts=300x600%2C0x0%2C360x280&nras=3&correlator=7486171768381&frm=20&pv=1&ga_vid=1382153041.1617232492&ga_sid=1617232492&ga_hid=1404116518&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=2910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C182982300%2C44740079%2C44739387&oid=3&pvsid=1936198856397634&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Xc5ImZ6Xo4&p=http%3A//www.bstemplates.com&dtd=10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkiOqu4TsvTgMIjGcvg4qRgFBoJM62VW4I_YDyVs_rOLMCJit5nwrszKQlxdUA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6963113852826448&output=html&h=200&adk=1439195881&adf=3881226168&pi=t.aa~a.573379464~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617232492&rafmt=1&to=qs&pwprc=4683591317&psa=0&format=360x200&url=http%3A%2F%2Fwww.bstemplates.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617232492298&bpp=1&bdt=1215&idt=1&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1b46b80d9fba930-221dcd15edba000d%3AT%3D1617232492%3ART%3D1617232492%3AS%3DALNI_MZwDKi1hKQhJ4Rf117VpELttOMRFQ&prev_fmts=300x600%2C0x0%2C360x280&nras=3&correlator=7486171768381&frm=20&pv=1&ga_vid=1382153041.1617232492&ga_sid=1617232492&ga_hid=1404116518&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=2910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C182982300%2C44740079%2C44739387&oid=3&pvsid=1936198856397634&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Xc5ImZ6Xo4&p=http%3A//www.bstemplates.com&dtd=10

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 31 Mar 2021 22:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3092
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 80A5 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ce880b493eeeafb6abcfd0073c2774136a8b4b526f7135caaefa0f15cf6d3b3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8AC7 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b0cebeb3316b6a9e3f47c28ad1e75c1ac557819c65a9424bbe6ebc44d4bb6ad

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 8AC7 0
433 B 75ms
41ms Other
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMbW5cHU2-8CFWvJuwgd9W0G9A&gqi=bAJlYLCwE4zC7_UPifOnkAc&layout=/sadbundle/%24csp%253Der3%24/11718045947812002883/300x250_Performance_Stock_CYSEC/300x250_Performance_Stock_CYSEC.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 23:14:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame A73D 9 KB
3 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11718045947812002883/300x250_Performance_Stock_CYSEC/300x250_Performance_Stock_CYSEC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 01 Apr 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A73D 22 KB
9 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11718045947812002883/300x250_Performance_Stock_CYSEC/300x250_Performance_Stock_CYSEC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 01 Apr 2021 13:07:30 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8E8E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

15ms
15ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm1ymtCr7u1XSsADBujfO8tsvXE-f4rGZyxdALMy669K7gT_P8KIV1yrpp-Osg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 31 Mar 2021 23:14:52 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 01-Apr-2021 00:14:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 31 Mar 2021 23:14:52 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 31 Mar 2021 23:14:52 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js Show response
pagead2.googlesyndication.com/bg/ Frame EB7E 14 KB
6 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 00:57:48 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 512224
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5683
x-xss-protection: 0
expires: Sat, 26 Mar 2022 00:57:48 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E1B9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
110 B

15ms
14ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm1ymtCr7u1XSsADBujfO8tsvXE-f4rGZyxdALMy669K7gT_P8KIV1yrpp-Osg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 31 Mar 2021 23:14:52 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 01-Apr-2021 00:14:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 31 Mar 2021 23:14:52 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 31 Mar 2021 23:14:52 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ Frame DE3F 4 KB
713 B 15ms
13ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6963113852826448&output=html&h=280&adk=1377720917&adf=639192016&pi=t.aa~a.2004663329~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617232492&rafmt=1&to=qs&pwprc=4683591317&psa=0&format=360x280&url=http%3A%2F%2Fwww.bstemplates.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617232492298&bpp=1&bdt=1215&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1b46b80d9fba930-221dcd15edba000d%3AT%3D1617232492%3ART%3D1617232492%3AS%3DALNI_MZwDKi1hKQhJ4Rf117VpELttOMRFQ&prev_fmts=300x600%2C0x0&nras=2&correlator=7486171768381&frm=20&pv=1&ga_vid=1382153041.1617232492&ga_sid=1617232492&ga_hid=1404116518&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=2232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C182982300%2C44740079%2C44739387&oid=3&pvsid=1936198856397634&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=omsUCJpbPc&p=http%3A//www.bstemplates.com&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 31 Mar 2021 22:21:12 GMT
server: ESF
date: Wed, 31 Mar 2021 23:14:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Mar 2021 23:14:52 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame DE3F 1 KB
1004 B 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 22:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Apr 2021 22:58:56 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/ Frame DE3F 17 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36b3f5a93d27d7519d736f048f2bf91c98c39620ca8795152c0b8286040cc975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 22:41:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 12304503248286081012
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Apr 2021 22:41:20 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame DE3F 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 543
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Apr 2021 23:05:49 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DE3F 118 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Wed, 31 Mar 2021 23:14:52 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame DE3F 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 784
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Apr 2021 23:01:48 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame DE3F 0
0 31ms
27ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQul_ph43uVAArcAb_ILQ2opZ_y3_G4hxAP84PaU83Zv5Y9nWSq8qYVyGy5D_HTTMquP2lI_jaKmqxBW9mScOpW-c1U1Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6963113852826448&output=html&h=280&adk=1377720917&adf=639192016&pi=t.aa~a.2004663329~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617232492&rafmt=1&to=qs&pwprc=4683591317&psa=0&format=360x280&url=http%3A%2F%2Fwww.bstemplates.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617232492298&bpp=1&bdt=1215&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1b46b80d9fba930-221dcd15edba000d%3AT%3D1617232492%3ART%3D1617232492%3AS%3DALNI_MZwDKi1hKQhJ4Rf117VpELttOMRFQ&prev_fmts=300x600%2C0x0&nras=2&correlator=7486171768381&frm=20&pv=1&ga_vid=1382153041.1617232492&ga_sid=1617232492&ga_hid=1404116518&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=2232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C182982300%2C44740079%2C44739387&oid=3&pvsid=1936198856397634&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=omsUCJpbPc&p=http%3A//www.bstemplates.com&dtd=7
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 0d74ed574692e0488c8a49b73918ea59.js Show response
www.gstatic.com/mysidia/ Frame DE3F 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d74ed574692e0488c8a49b73918ea59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11909c0ebcd1e1258ecf3c2ef83688b057b08e5d92a9c715f4fe44c13f20f7b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 05:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 05:14:52 GMT
server: sffe
age: 580671
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10398
x-xss-protection: 0
expires: Wed, 23 Jun 2021 05:57:01 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame DE3F 0
0 41ms
41ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CuEq4bAJlYPPrE6uO7_UPhNue2A_D9J3eYYvzxt_XDLzr7NnBHxABIKnt3SRglQKgAbrb45gDyAEJqAMByAPLBKoEzwFP0IvmNimVstGfzfNyDZbQa19lrfIxYFCCnr3ve93AQ_dDvJuSOgDdVkCBZ5d6qtkEpf50q9OR_eJP3B29v8UJS5x_88K32mvrPimz4cu9qdoOUP88G5ACZO_GX32e1YpJYRTQCffgZRQdxbI86EBwg2njSHgR0GBQyIC4gwm_5gTO_EwITK-mFp871e7XPw4jL_M1aDA9fXlOeIaPCyVtkLFwd18obzEINaRRo30jR3V5dkZtctCj6dtvY219MpGmbtxZqr7tGJ2CGYadO-PABNL6_6KRA5IFBAgEGAGSBQQIBRgEoAYugAeupJxnqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEICMItIICQiA4YAQEAEYH4AKAcgLAdgTDYgUBbIXGgoYCAASFHB1Yi02OTYzMTEzODUyODI2NDQ4&sigh=tKO_8_b7ixk&template_id=5000&tpd=AGWhJmsuo9zQfga4mleTpHqErxeGhr-jpG0CYn-5m-o3au5nYQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6963113852826448&output=html&h=280&adk=1377720917&adf=639192016&pi=t.aa~a.2004663329~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617232492&rafmt=1&to=qs&pwprc=4683591317&psa=0&format=360x280&url=http%3A%2F%2Fwww.bstemplates.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617232492298&bpp=1&bdt=1215&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1b46b80d9fba930-221dcd15edba000d%3AT%3D1617232492%3ART%3D1617232492%3AS%3DALNI_MZwDKi1hKQhJ4Rf117VpELttOMRFQ&prev_fmts=300x600%2C0x0&nras=2&correlator=7486171768381&frm=20&pv=1&ga_vid=1382153041.1617232492&ga_sid=1617232492&ga_hid=1404116518&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=2232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C182982300%2C44740079%2C44739387&oid=3&pvsid=1936198856397634&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=omsUCJpbPc&p=http%3A//www.bstemplates.com&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 31 Mar 2021 23:14:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13827008254389160225/ Frame DE3F 16 KB
17 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13827008254389160225/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a4195cedc39659810cbe77c2b3af601813d52d59728ce7e16dfce94fe60f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 07:53:07 GMT
x-content-type-options: nosniff
age: 400905
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16808
x-xss-protection: 0
last-modified: Sat, 19 Sep 2020 01:34:41 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Mar 2022 07:53:07 GMT

GET
DATA 200
OK truncated
/ Frame DE3F 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 45D5 1 KB
971 B 6ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 31 Mar 2021 03:14:09 GMT
expires: Thu, 01 Apr 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 72043
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame DE3F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f14dc0c4168e3ee90d8183fb58a9d698fa791ad45c1bcc4f63c0e59543f14adc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame DE3F 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 06:36:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 405516
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Sun, 27 Mar 2022 06:36:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame DE3F 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 22:46:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 88099
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Wed, 30 Mar 2022 22:46:33 GMT

GET
H3-Q050 200 rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js Show response
pagead2.googlesyndication.com/bg/ Frame A73D 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 00:57:48 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 512224
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5683
x-xss-protection: 0
expires: Sat, 26 Mar 2022 00:57:48 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 45D5 35 B
463 B 25ms
8ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKEkSUbr0b0u7u9TLxveFkA&google_cver=1&google_push=AQvitUJzGAyJaohAcnZnnxZBYt4-AIYNUV33Ul8FFcMXNpHvtFRtGITl6nJSyYGNE4u6owJWsGifipwVJb63sPAs_OmaWqNRm8I

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 23:14:52 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 45D5
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUITYLsS...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUITYLsS...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMzEyMzE0NTM3NDM4Nzk1OTUyOTk1Nw%3D%3D&google_push=AQvitUITYLsSAdgy_nHzprraQG0zoZeAWEid0nxGz6X7r_nzfKztqAthnq3Q2yNZxuVIWU...

170 B
190 B

35ms
35ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMzEyMzE0NTM3NDM4Nzk1OTUyOTk1Nw%3D%3D&google_push=AQvitUITYLsSAdgy_nHzprraQG0zoZeAWEid0nxGz6X7r_nzfKztqAthnq3Q2yNZxuVIWUFF7PiI8E_R--mZ7TELPnKnAo67GuH9

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 23:14:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMzEyMzE0NTM3NDM4Nzk1OTUyOTk1Nw%3D%3D&google_push=AQvitUITYLsSAdgy_nHzprraQG0zoZeAWEid0nxGz6X7r_nzfKztqAthnq3Q2yNZxuVIWUFF7PiI8E_R--mZ7TELPnKnAo67GuH9
Pragma: no-cache
Date: Wed, 31 Mar 2021 23:14:53 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 45D5
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEP-xi_rOzkX1fbEPjJQ-HXY&google_cver=1&google_push=AQvitUK5wRJ_pbY3f_UVyNi4_vJSV7K-5gXokxOzcs6BU6G3rUtBm6TIebLbFQlNmqWpIoscnAxF_eB9-OyHm5VUPYI90nuLWgkb
https://rtb.openx.net/sync/dds?google_gid=CAESEP-xi_rOzkX1fbEPjJQ-HXY&google_cver=1&google_push=AQvitUK5wRJ_pbY3f_UVyNi4_vJSV7K-5gXokxOzcs6BU6G3rUtBm6TIebLbFQlNmqWpIoscnAxF_eB9-OyHm5VUPYI90nuLWgkb&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK5wRJ_pbY3f_UVyNi4_vJSV7K-5gXokxOzcs6BU6G3rUtBm6TIebLbFQlNmqWpIoscnAxF_eB9-OyHm5VUPYI90nuLWgkb&google_hm=deJQ1sMCyrQDGJJdJXuiJQ==

170 B
484 B

78ms
48ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK5wRJ_pbY3f_UVyNi4_vJSV7K-5gXokxOzcs6BU6G3rUtBm6TIebLbFQlNmqWpIoscnAxF_eB9-OyHm5VUPYI90nuLWgkb&google_hm=deJQ1sMCyrQDGJJdJXuiJQ==

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 23:14:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 31 Mar 2021 23:14:52 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK5wRJ_pbY3f_UVyNi4_vJSV7K-5gXokxOzcs6BU6G3rUtBm6TIebLbFQlNmqWpIoscnAxF_eB9-OyHm5VUPYI90nuLWgkb&google_hm=deJQ1sMCyrQDGJJdJXuiJQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: vet5tmfi86oam6rbhrqdnfqi6t8nv6ir

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 45D5
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Xr1G5e7zTBSonCyx8e1MBA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

57ms
48ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Xr1G5e7zTBSonCyx8e1MBA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUK7jVM_wFCvbkSKw5yAXmVQJqsVvCVAXLKTU5XPgITZcjbWkEfEDV154RgeBstaJFtIfQviGeSJAeONVSLoBck8DI-Yhoq9

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 23:14:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Xr1G5e7zTBSonCyx8e1MBA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUK7jVM_wFCvbkSKw5yAXmVQJqsVvCVAXLKTU5XPgITZcjbWkEfEDV154RgeBstaJFtIfQviGeSJAeONVSLoBck8DI-Yhoq9
Date: Wed, 31 Mar 2021 23:14:52 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 45D5
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIJuRkxHL6JsibD_mWveoFg&google_cver=1&google_push=AQvitULCBYUpFpBUgvEfJw-b5dUU5POXtfEYlNru7fBq2KK_mnl0FXe7RpetUFZu4Q3j9dlAYGN...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01ZMkdYWUstOC04S0RR&google_push=AQvitULCBYUpFpBUgvEfJw-b5dUU5POXtfEYlNru7fBq2KK_mnl0FXe7RpetUFZu4Q3j9dlAYGN9Tq6Qd-odEzfVclLpugT3b0KH

170 B
190 B

79ms
49ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01ZMkdYWUstOC04S0RR&google_push=AQvitULCBYUpFpBUgvEfJw-b5dUU5POXtfEYlNru7fBq2KK_mnl0FXe7RpetUFZu4Q3j9dlAYGN9Tq6Qd-odEzfVclLpugT3b0KH

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 23:14:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01ZMkdYWUstOC04S0RR&google_push=AQvitULCBYUpFpBUgvEfJw-b5dUU5POXtfEYlNru7fBq2KK_mnl0FXe7RpetUFZu4Q3j9dlAYGN9Tq6Qd-odEzfVclLpugT3b0KH
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 45D5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBn7MU0ZwQN4mLBp7xRZrpo&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBn7MU0ZwQN4mLBp7xRZrpo&google_push=AQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGUCbVLacxRkRXVDh6IFrgAABJEAAAAB&google_push=AQvitUIaARPfJ0Si5CAj-8ZF_D-b9FNN0TUGmcGRlNJf6ElIvNRPPJJO8Wz30VPyljvb9z_SrHNQ4yRYH5OD0W-dUw...

170 B
190 B

34ms
34ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGUCbVLacxRkRXVDh6IFrgAABJEAAAAB&google_push=AQvitUIaARPfJ0Si5CAj-8ZF_D-b9FNN0TUGmcGRlNJf6ElIvNRPPJJO8Wz30VPyljvb9z_SrHNQ4yRYH5OD0W-dUwNfmLYw0_RA&google_cver=1&google_gid=CAESEBn7MU0ZwQN4mLBp7xRZrpo

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 23:14:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 31 Mar 2021 23:14:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGUCbVLacxRkRXVDh6IFrgAABJEAAAAB&google_push=AQvitUIaARPfJ0Si5CAj-8ZF_D-b9FNN0TUGmcGRlNJf6ElIvNRPPJJO8Wz30VPyljvb9z_SrHNQ4yRYH5OD0W-dUwNfmLYw0_RA&google_cver=1&google_gid=CAESEBn7MU0ZwQN4mLBp7xRZrpo
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Wed, 31 Mar 2021 23:14:53 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 45D5
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPEauqhny8xSNHstX4rKN3o&google_cver=1&google_push=AQvitUKN9c-8vrGiF8X1KaB8...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKN9c-8vrGiF8X1KaB8x_lrvDc-V1ucc9MRkQ67vuMGyMOnJAmwsu1oRE3CD1PlGTJAZMciS-UZOSuocXSXDUm7zTrrlPxhJg&google_hm=

170 B
190 B

34ms
33ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKN9c-8vrGiF8X1KaB8x_lrvDc-V1ucc9MRkQ67vuMGyMOnJAmwsu1oRE3CD1PlGTJAZMciS-UZOSuocXSXDUm7zTrrlPxhJg&google_hm=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 23:14:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 31 Mar 2021 23:14:53 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKN9c-8vrGiF8X1KaB8x_lrvDc-V1ucc9MRkQ67vuMGyMOnJAmwsu1oRE3CD1PlGTJAZMciS-UZOSuocXSXDUm7zTrrlPxhJg&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Tue, 30 Mar 2021 23:14:53 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 45D5 0
236 B 92ms
32ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13InORnCuXKnOIRECMC_3bwq0_6X7Zc0Pbcvwm5GG7VHWVm_G8cZkwYw-Qc6hGXJhH6MoUTbRA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:14:53 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 19ms
18ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210329&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94f9f8c61a11ebd9b7b49631ff3aeb2115d6897a15224aa595eeb9db0513b1eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Mar 2021 23:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6916
x-xss-protection: 0

GET
H3-Q050 200 rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js Show response
pagead2.googlesyndication.com/bg/ Frame C6BC 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 00:57:48 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 512225
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5683
x-xss-protection: 0
expires: Sat, 26 Mar 2022 00:57:48 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:14:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 31 Mar 2021 23:14:53 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 9B2A 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.bstemplates.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.bstemplates.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 31 Mar 2021 20:57:25 GMT
expires: Thu, 31 Mar 2022 20:57:25 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8248
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B2A 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 00:57:48 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 512225
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5683
x-xss-protection: 0
expires: Sat, 26 Mar 2022 00:57:48 GMT

GET
H/1.1

200
OK

event
img.secureserver.net/t/1/tl/
Redirect Chain

http://img.secureserver.net/t/1/tl/event?cts=1617232493158&tce=1617232490591&tcs=1617232490578&tdc=1617232492955&tdclee=1617232492162&tdcles=1617232492161&tdi=1617232492066&tdl=1617232491083&tdle=1...
https://img.secureserver.net/t/1/tl/event?cts=1617232493158&tce=1617232490591&tcs=1617232490578&tdc=1617232492955&tdclee=1617232492162&tdcles=1617232492161&tdi=1617232492066&tdl=1617232491083&tdle=...

43 B
639 B

166ms
117ms

Image
image/gif

184.31.90.156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.secureserver.net/t/1/tl/event?cts=1617232493158&tce=1617232490591&tcs=1617232490578&tdc=1617232492955&tdclee=1617232492162&tdcles=1617232492161&tdi=1617232492066&tdl=1617232491083&tdle=1617232490578&tdls=1617232490558&tfs=1617232490557&tns=1617232490557&trqs=1617232490591&tre=1617232491746&trps=1617232491080&tles=1617232492955&tlee=1617232492956&ht=perf&dh=www.bstemplates.com&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&vci=2121510105&cv=1.0.6&z=326868812&vg=24ca386d-3158-4e39-b1c8-0ffe12f9451b&vtg=24ca386d-3158-4e39-b1c8-0ffe12f9451b&ap=cpsh&trfd=%7B%22cts%22%3A1617232492066%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22a2plcpnl0945%22%7D&dp=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.90.156 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-31-90-156.deploy.static.akamaitechnologies.com

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Date: Wed, 31 Mar 2021 23:14:53 GMT
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: http://www.bstemplates.com, *
Access-Control-Max-Age: 1000
Cache-Control: private
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 43
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://img.secureserver.net/t/1/tl/event?cts=1617232493158&tce=1617232490591&tcs=1617232490578&tdc=1617232492955&tdclee=1617232492162&tdcles=1617232492161&tdi=1617232492066&tdl=1617232491083&tdle=1617232490578&tdls=1617232490558&tfs=1617232490557&tns=1617232490557&trqs=1617232490591&tre=1617232491746&trps=1617232491080&tles=1617232492955&tlee=1617232492956&ht=perf&dh=www.bstemplates.com&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&vci=2121510105&cv=1.0.6&z=326868812&vg=24ca386d-3158-4e39-b1c8-0ffe12f9451b&vtg=24ca386d-3158-4e39-b1c8-0ffe12f9451b&ap=cpsh&trfd=%7B%22cts%22%3A1617232492066%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22a2plcpnl0945%22%7D&dp=%2F
Date: Wed, 31 Mar 2021 23:14:53 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
111 B 39ms
39ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210329&jk=1936198856397634&bg=!BAelB0PNAAY56aLOOek7ACkAdvg8WmcaOxKbatgxofegi9tZoXt5mELi7KHph8YkS-Ob0fnJeCxw-QIAAABQUgAAAAxoAQcKAGSrlisiASIANsqkU6VJ3ao-1kkZhOQ0nGkcs5UnLHe2-E1deLR4OrgasQgG16HtwkHSZaGt5Mc5iir8zdVZhaeINaDu6H5Eb1caZrtjFhyjL0O6ws755aFY6-J53g_gKSINE8ZlmQIh963XAHbiFNlFaF2PqXnZP9AO6bmG5rP9fL2AcXOOKVzcpi7OXTVqQLWsZMQJ2JRUEsFqWQW19x5Mg0l-c0ih0Jp-TzwUPQhv5-I17SKMnRxiA8KtYEpWn4hoVjAfgTd4r-8SoKBjfM0VgqgSXA3sWgvc5eC2NJMaCFIiHgeEbJpit8Ln9lQB0Fpjk8jrRkWZgWzQFnWoMWVkSwJVFkNdxpDePPi9_uh9q9TWGoL79tM0W35amkhz9Fv9x5JBtu3-m2l8wUhEs-P-KFvssO0vc4VvN2fArTwL_Yx-MXIb1zPEjPfGhFXPRtkM5FsfT8ZbQvKMNitkBwFpgKYT8bkyo9CGvI0CKItacRtYyxRr1tn_GEuILgwwoJaN4_TfNaoWERmT2qNESV28xSo0vtGeR9N8uN5XKZJk5VjtJ5vP-r3Yl8ZUvqkbUpWxYiPesosJ6sm0HODjIOyI5aMzetCpCAhgGQ9_VKoJMI7fW3B26Z_vwGfZ-6rRS_X3sqvpzwwurDZrbwhPccJXpYPhyxa5unazZXJXfMHX19B44umS72_N6OhTID4FC7o5qPG68n4cb-TLKb03tmvO1_ZG8T35uwPZ5sY0Ya9sNyOsliqozNn-LsMZottrK7go527-MDH_EEzVjGtfDD7cmLmnplJ-h3t3vTbOfKY82cY0Vm7k0aWyvPTXi9pvaCuBq9zEQ9G4rcK3gKIJdRhQ8D7nZKbSpd8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.bstemplates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 23:14:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 80A5 42 B
92 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsueht8WVXhU1pHCCz4XhNNRLx1P41j1axoKFfyIXmq0k7y-P18FZti4i2oVDW4qhcEKr84OXdbLKfTJg_nVpnWfEcDzamQ_Qn1Qm8hWT270n_p7uz4JO8vcT4ciYg&sai=AMfl-YT75fMlksT5n0C2xGLsSr2zLdQT_PLUzuYoEITnNCGZiYQBPt0IY5QarbJaum8cWlnkJ4OyRqPDTKpV&sig=Cg0ArKJSzBNj12XxrQ-sEAE&id=osdim&mcvt=1001&p=751,1083,1351,1383&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20210329&bin=7&avms=nio&bs=0,0&mc=0.75&if=1&app=0&itpl=4&adk=2342618132&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1617232492151&dlt=443&rpt=66&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Mar 2021 23:14:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 17:13:56	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 02:35:28	Name: IDE Value: AHWqTUm1ymtCr7u1XSsADBujfO8tsvXE-f4rGZyxdALMy669K7gT_P8KIV1yrpp-Osg
.bstemplates.com/	1970-01-20 02:35:28	Name: __gads Value: ID=a1b46b80d9fba930-221dcd15edba000d:T=1617232492:RT=1617232492:S=ALNI_MZwDKi1hKQhJ4Rf117VpELttOMRFQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://www.bstemplates.com/wp-content/cache/autoptimize/autoptimize_d5c8ef91d68d088423c1569729aeca4a.php(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.de
cm.g.doubleclick.net
cms.quantserve.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
img.secureserver.net
img1.wsimg.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb.openx.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.bstemplates.com
www.google.com
www.googletagservices.com
www.gstatic.com
107.180.41.251
142.250.185.134
142.250.186.98
184.31.90.156
184.51.9.98
185.64.190.78
216.58.212.130
217.182.200.29
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:801::2002
2a00:1450:4001:808::2004
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
35.186.253.211
54.149.220.116
69.173.144.165
84.53.161.82
083f846c691517af0d69055c0f01d5cf7bc48dcd2c043561cf56fd2a282e1683
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
11909c0ebcd1e1258ecf3c2ef83688b057b08e5d92a9c715f4fe44c13f20f7b4
11cd18037aeb508e7f07ed72466ad8c0713a4a4ed224dd2dcdd865d9ee2003d2
1368f081f0477d84378d53d42c30a89fffd3758d00aef98f44137c81782323b9
1496bf8e587cc8790ceb764e38e9fe9b6826f6f6553e6fa4427a1ed897932e32
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19063e5998e2513ed3254df05b2eeff24d3de6675cbbfcc3f3492ae08c99c176
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
311e18f635513141cf583a4fa0ac2828f450c8197eb57853475194676faaebe2
33ca3c4103edde6e316bdaf92c39e1a97242e6e3e2e48d11fae62d89d21502bf
3688a3928a4b8ff28357bbecb83be9eb6fce6cda3810a83cfc42265806d6519c
36b3f5a93d27d7519d736f048f2bf91c98c39620ca8795152c0b8286040cc975
3ce880b493eeeafb6abcfd0073c2774136a8b4b526f7135caaefa0f15cf6d3b3
3f6ebf84dd052fa6a29d7531f792e26169195b563b75f45a9681d07310a5eb29
4586eb6479ce4f4fc71a7f5fe7713f0cc48734e793b138050c88df23f406bf2a
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4a4c6cd3eade63c30c1b28dde23349887fa726430fe1de72ac17b595a2c45863
536c94880156880ae36faa340eb85ffe803de8e002238ba92d73ff3f669867ff
5dc44f3f40193a73ef94a6be2e233d018caf5398c2796d958c48908d6de3c165
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
64869d040d357dc90ef69e3c7025afa56566e27453ef27f76901bd69ff47edd1
66417197be82b962dd092ee1386bcdb9c50aee71c678ec43fab753e889487581
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7353845f03aa2b8c6be57fa2e915bbd9bb45a3c24cef76703c9944d916e65c2a
7b0cebeb3316b6a9e3f47c28ad1e75c1ac557819c65a9424bbe6ebc44d4bb6ad
7ee8a97200cf0e24af175070d017d0bdabe6c619ede7bf7c5585e90de0f39798
80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825
85558fc448eb18534cb11a66b5552c6ce2f19a1b3b4fa94de92eea68ea69888a
88706120bcc17d5f3be0bb5ddb68ac9ec3431c0784b6792982595cb6d03ebf23
89a4195cedc39659810cbe77c2b3af601813d52d59728ce7e16dfce94fe60f8e
93e565cfd1802716c2e21b99b8e42b0f9b3cd4f5b4fdc698bfee5b21b62f6862
94f9f8c61a11ebd9b7b49631ff3aeb2115d6897a15224aa595eeb9db0513b1eb
96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa5c1ec4d2ea00eb517eadeb3b65e55b577b7a5ed42d7c2611d15d9050c18350
ac80e0acc90189e5d22b0d1fe4b89c163c653f7a572431ca4a8d8e2991cf61c0
ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
cfab2e61669df8529f9db9b4c12b84a3b07561b33c36b5b3bf771412896a5e54
d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d83607d271d287418fdb2b503d0d282c0cdf91c6b3c8c574d3dc4e3674d8b6eb
e042a3c7bb03aaa0ec1f7df629f6e6e40ac812933caa2786776ad9feba30e29f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08484455172d31ef5c551a8228f73cd46f334707d09677aa3e53d73483a8c9c
f14dc0c4168e3ee90d8183fb58a9d698fa791ad45c1bcc4f63c0e59543f14adc
f6e4355a417e3d3712ef0d2b4b5588a8dd1f4206703f68171e7a0a9ef41468ac
ff9a44dbabe56ea896bf1a287af6ac3b6b18309f142116b49790cdded4e6386f

www.bstemplates.com Open in urlscan Pro 107.180.41.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

89 Requests

87 %HTTPS

54 %IPv6

18 Domains

23 Subdomains

21 IPs

5 Countries

1229 kBTransfer

2663 kBSize

3 Cookies

1 Outgoing links

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bstemplates.com Open in urlscan Pro
107.180.41.251 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

87 %
HTTPS

54 %
IPv6

18
Domains

23
Subdomains

21
IPs

5
Countries

1229 kB
Transfer

2663 kB
Size

3
Cookies

89 HTTP transactions
4 data transactions